Category: Information Security Buzz

Imagine if Santa’s workshop were brought down by a ransomware attack in December — children around the world would be disappointed. A multitude of holidays between Thanksgiving and New Year’s creates an optimal opportunity for cybercriminals, with government reports confirming…

Read more →

Cybercriminals are using phish kits developed by authoring group SpartanWarriorz to target over 300 global brands, new research from Fortra has revealed. Attackers using the kits tend to target financial institutions in North America and Europe, retail, delivery services, and…

Read more →

If you look inside your cybersecurity Christmas cracker later this month to discover a riddle asking – What takes an hour to execute, requires no user interaction, and doesn’t generate any notifications? You might be spitting your sherry out when…

Read more →

Doughnut giant Krispy Kreme has disclosed a cyberattack that happened on 29 November and has led to significant operational disruptions, particularly affecting its online ordering system in parts of the United States. The doughnut chain disclosed the cyberattack in an 8-K…

Read more →

The FCC has released a statement calling for urgent actions to strengthen U.S. communications systems against cyberattacks in light of recent foreign intrusions, with ‘state-sponsored cyber actors from the People’s Republic of China’’ directly named as a perpetrator. In the…

Read more →

In a major international crackdown, Belgian and Dutch authorities, supported by Europol and Eurojust, have dismantled a phone phishing gang responsible for large-scale financial fraud across Europe. The operation resulted in eight arrests and significant seizures. Action Day Results Law…

Read more →

The 40+ dating platform Senior Dating has been the victim of a data breach, compromising the personal information of 765,517 users. The breach, linked to an exposed Firebase database, has raised serious concerns about protecting sensitive data in online matchmaking…

Read more →

The digital landscape has become treacherous, and organizations must constantly reinvent their defensive strategies. Gone are the days of simple firewalls and basic security protocols. Today’s cyber challenges demand a revolutionary approach that combines strategic thinking, technological innovation, and human…

Read more →

Independent cybersecurity experts Noam Rotem and Ran Locar have exposed a sophisticated cyber operation targeting vulnerabilities in public websites, leading to unauthorized access to sensitive customer data, infrastructure credentials, and proprietary source code. The researchers collaborated with the AWS Fraud…

Read more →

Artivion, a prominent manufacturer of heart surgery devices, disclosed a significant ransomware attack that has disrupted its operations. The incident involved the encryption and acquisition of company files, prompting Artivion to take immediate measures to contain the breach. According to…

Read more →

More than half of M&A security incidents in 2024 were non-malicious, resulting instead from integration-induced investigation delays, policy and compliance challenges, and issues baselining internal tools, a report from ReliaQuest has revealed. These findings suggest that inherited assets present a…

Read more →

Phishing scams impersonating major holiday brands like Walmart, Target, and BestBuy increased by more than 2000% during Black Friday week, new research from Darktrace has revealed. These findings come as part of a wider increase in phishing activity during the…

Read more →

As we unveil the third edition of Information Security Buzz’s 2025 predictions, we are thrilled by the incredible response. In this installment, we dive even deeper into the evolving cybersecurity landscape, where advancements in AI, quantum computing, and cloud technologies…

Read more →

The challenges around data governance are evolving rapidly, driven by the rapid adoption of generative AI, stringent regulatory requirements, and heightened cybersecurity risks. As we approach 2025, organisations are realising that traditional approaches to data governance are no longer sufficient.…

Read more →

On 20 November 2024, the EU Cyber Resilience Act (CRA) was published in the Official Journal of the EU, kicking off the phased implementation of the CRA obligations. The European Union has introduced the Cyber Resilience Act to bolster the cybersecurity…

Read more →

The Linux Foundation, in collaboration with the Laboratory for Innovation Science at Harvard, has unveiled a comprehensive study, “Census III of Free and Open Source Software – Application Libraries (Census III).” The report identifies the most widely used free and…

Read more →

Artificial intelligence (AI) is transforming industries at an unprecedented pace, offering solutions to some of the world’s most complex challenges. But with its immense potential come significant risks—bias, discrimination, data privacy breaches, and security vulnerabilities. Governments worldwide have enacted AI…

Read more →

As 2025 approaches, the cybersecurity landscape is set to face a new slew of challenges fueled by evolving threats and stringent regulations. According to Kiteworks’ newly released “2025 Forecast for Managing Private Content Exposure Risk” report, there are 12 transformative…

Read more →

As a small business owner reading endless news stories about cyberattacks against well-known enterprise names, it can be easy to think it won’t happen to you. In reality, hackers don’t discriminate: businesses of all sizes can and do find themselves…

Read more →

Two critical vulnerabilities (CVE-2024-42448 and CVE-2024-42449) have been identified in Veeam Service Provider Console (VSPC), prompting an urgent call for users to update their systems. According to Veeam’s latest security advisory, the vulnerabilities affect all builds of VSPC versions 7…

Read more →