Category: Information Security Buzz

The number of successful cyber attacks on UK law firms has soared by 77% over the past year, rising from 538 incidents to 954, according to a recent study. The increase is attributed to the lucrative nature of law firms…

Read more →

Decades ago, office printers had one job: to present documents or images in a paper format. However, with technology evolving rapidly, the role of the office printer has changed drastically. Now, printers are multifunctional, allowing workers to copy, scan, send, or…

Read more →

The need for real-time compliance has never been more critical. As regulatory landscapes evolve and become more complex, organizations face mounting pressure to ensure they remain compliant at all times. This shift from traditional, periodic audits to continuous, real-time compliance…

Read more →

Nearly 32 million documents, including invoices, contracts, and agreements, were exposed online by ServiceBridge, a global field service management provider. Cybersecurity researcher Jeremiah Fowler made the discovery, reporting the unprotected database to WebsitePlanet. The database contained 31.5 million records, including…

Read more →

Seattle-Tacoma International Airport (SEA-TAC) appears to have been targeted by a cyberattack, with critical systems experiencing widespread internet outages for the third consecutive day, according to officials from the Port of Seattle. The disruptions, which began early on Saturday, have…

Read more →

Stroz Friedberg, a risk management firm under Aon, has identified a sophisticated malware strain targeting Linux systems. Dubbed “sedexp,” the malware exploits udev rules to maintain persistence and evade detection. According to researchers Zachary Reichert, Daniel Stein, and Joshua Pivirotto,…

Read more →

In today’s rapidly evolving digital landscape, Cybersecurity Advisory Boards (CABs) are crucial in helping organizations navigate the complexities of today’s digital landscape. By bringing together industry leaders, CABs provide strategic insights, foster collaboration, and ensure cybersecurity strategies stay ahead of…

Read more →

In Q2 2024,  new ransomware groups, including PLAY, Medusa, RansomHub, INC Ransom, BlackSuit and some additional lesser-known factions, led a series of attacks that eclipsed the first quarter of this year by 16% and the second quarter of 2023 by…

Read more →

Prism Infosec, an independent cybersecurity consultancy,has introduced PULSE testing service. The service aims to help entities that may not have the resources to dedicate to a full-scale red team exercise and assess their defense capabilities against real-world threats.  The company…

Read more →

In the digital age, where cyber threats are increasingly sophisticated and data privacy regulations are more stringent than ever, Identity and Access Management (IAM) has become a cornerstone of organizational security. As we navigate through 2024, the IAM landscape continues…

Read more →

The FIDO Alliance has announced its agenda today for Authenticate 2024, the only industry conference dedicated to all aspects of user authentication. The event will be held from 14 to 16 October 2024 at the Omni La Costa Resort and Spa in Carlsbad,…

Read more →

The Qilin ransomware group, already infamous for its devastating attacks, has now been caught stealing credentials stored in Google Chrome browsers. This new tactic could amplify the chaos typically associated with ransomware breaches, spreading the impact far beyond the initial…

Read more →

Researchers from Quarkslab have uncovered critical vulnerabilities in the latest variant of MIFARE Classic compatible cards. Despite being touted as a secure alternative, the FM11RF08S card, developed by Shanghai Fudan Microelectronics, has been found to contain a hardware backdoor, among…

Read more →

In today’s rapidly evolving software development landscape, Artificial Intelligence (AI) and Machine Learning (ML) have emerged as significant threat vectors. Organizations worldwide are witnessing a surge in targeted attacks aimed at software developers, data scientists, and the infrastructure supporting the…

Read more →

A sophisticated cloud extortion campaign has compromised over 110,000 domains by exploiting misconfigured Amazon Web Services (AWS) environment variable (.env) files. By scanning for exposed .env files on unsecured web applications, threat actors were able to obtain AWS Identity and…

Read more →

In a new twist on phishing tactics, ESET analysts have uncovered a series of sophisticated campaigns targeting mobile users by leveraging Progressive Web Applications (PWAs). This use of PWAs, which are essentially websites functioning as standalone apps, sets this phishing…

Read more →

In a joint statement, the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) have warned about heightened Iranian efforts to interfere in the upcoming US elections.…

Read more →

FlightAware, a provider of real-time flight tracking information, has informed users of a data security incident that may have exposed personal information. The company is taking precautionary measures by requiring all potentially impacted users to reset their passwords. The incident,…

Read more →

Microchip Technology Inc. announced Tuesday that it had been targeted by a cyberattack, prompting the US chipmaker to shut down some systems and reduce its operations. According to a regulatory filing, Microchip, a key supplier to the US defense industry,…

Read more →

Data centers have become integral to modern companies, considering the amount of information necessary for operations. These systems remain in place most of the time, but your business could determine it is time to move. How can you ensure safety…

Read more →