Category: Information Security Buzz

In his latest work, Premier CISO -Board & C-Suite, Michael S. Oberlaender delivers a comprehensive guide for aspiring and current Chief Information Security Officers (CISOs) navigating the complex landscape of cybersecurity leadership. This book, the third in Michael’s series on…

Read more →

The U.S. Department of Justice (DOJ) has indicted three Iranian nationals linked to the Islamic Revolutionary Guard Corps (IRGC) for orchestrating a cyberattack aimed at influencing the 2024 US presidential election.  The indictment, unsealed today, charges Masoud Jalili, Seyyed Ali…

Read more →

A recent investigation by Bitsight TRACE has uncovered several critical 0-day vulnerabilities in six Automatic Tank Gauge (ATG) systems from five different vendors. These vulnerabilities are substantial real-world threats, with the potential for exploitation by malicious actors, leading to severe…

Read more →

APIs (Application Programming Interfaces) are the backbone of modern digital services, driving the seamless flow of data and functionality between applications. From enabling quick social media logins to processing payments and connecting complex systems, APIs have revolutionized how businesses operate…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has once again raised alarms about the ongoing exploitation of operational technology (OT) and industrial control systems (ICS) across critical infrastructure sectors. The warning comes amid an active investigation into a cybersecurity incident…

Read more →

Cybersecurity researchers identified critical vulnerabilities in Kia vehicles, revealing that attackers could remotely control cars using only a license plate number. The vulnerabilities were first identified in June this year and have since been patched, but the potential impact has…

Read more →

Non-profit privacy watchdog noyb (None of Your Business) has filed a formal complaint against Mozilla, accusing the tech company of enabling a controversial tracking feature in its Firefox browser without user consent. The feature, dubbed “Privacy Preserving Attribution” (PPA), was…

Read more →

In the rapidly evolving digital security landscape, artificial intelligence (AI) has emerged as both a powerful ally and a formidable adversary. As we navigate through 2024, the cybersecurity industry finds itself at a critical juncture, grappling with what experts call…

Read more →

Hackers have allegedly carried out a second Dell data breach within a week, compromising sensitive internal files via Atlassian tools. Allegedly, data from Jira, Jenkins, and Confluence has been exposed. Dell is currently investigating the initial breach. On 19 September…

Read more →

Recognizing that cyber criminals increasingly exploit software vulnerabilities, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken the lead with a new resource for software customers—the “Secure by Demand Guide.” The Guide is part of CISA’s ongoing effort to…

Read more →

The PECB Conference 2024 is set to take place from 30 September to 3 October at the Van der Valk Hotel Breukelen in Amsterdam. This annual event will gather global experts, thought leaders, and professionals to explore the latest trends…

Read more →

In any organization, regardless of the industry or the size, cybersecurity is one of the most pressing concerns to handle. Some companies, especially those that store and manage large amounts of sensitive data and those that operate primarily in the…

Read more →

Despite cyber risk growing at an alarming rate, a recent global study from Trend Micro, highlights that many organizations are failing to implement adequate cybersecurity measures due to a lack of strategic leadership and investment. Key Findings of the Report…

Read more →

In a troubling development, the Necro Trojan has resurfaced on Google Play, infecting popular applications and reaching millions of Android devices worldwide. Kaspersky’s cybersecurity researchers discovered the Necro malware in various apps, including some available on official app stores like…

Read more →

Attackers are employing AI-generated scripts, leveraging malvertising to distribute rogue PDF tools, and embedding malware in image files. These developments mark a significant shift in the threat landscape, accelerating the frequency and complexity of cyberattacks. This was revealed by HP’s…

Read more →

The United Nations (UN) Secretary-General’s High-level Advisory Body on Artificial Intelligence (HLAB-AI) released a comprehensive report titled “Governing AI for Humanity,” which proposes global governance mechanisms for Artificial Intelligence (AI). The report is based on extensive consultations and presents a…

Read more →

Red Canary has released a midyear update to its 2024 Threat Detection Report, revealing key cybersecurity trends and evolving threats. Among the most notable findings is the rise of Atomic Stealer, an infostealer targeting macOS devices, which entered the top…

Read more →

APIs (Application Programming Interface) have assumed an indispensable role in the digital space, facilitating seamless communication and data exchange between an array of software applications and services. They underpin our daily interactions, from ordering meals through food delivery apps to…

Read more →

The European Union Agency for Cybersecurity (ENISA) has released its annual Threat Landscape report for 2024, providing crucial insights into the evolving cybersecurity challenges facing the EU. Here are the key takeaways: Prime Threats Remain Consistent Denial of Service (DDoS)…

Read more →

Social media and video streaming services  (SMVSSs), including Amazon, Alphabet-owned YouTube, Meta’s Facebook and TikTok, are engaging in a “vast surveillance of users” to profit off their personal information. The report also raised concerns about the lack of meaningful privacy…

Read more →