Category: Information Security Buzz

French cybercrime police are investigating a ransomware attack on the Grand Palais Exhibition Hall in Paris, a venue for Olympic events such as fencing and Taekwondo. According to Reuters, the central computer system of the Grand Palais was targeted, but…

Read more →

While many small businesses rely on Microsoft 365 as their default software because of its flexibility and scalability, the seemingly endless, persistent threat of cyberattacks on email security suggests that its security standards must be revised. My opinion on the…

Read more →

A US technology contractor has inadvertently exposed the personal data of 4.6 million voters and election documents from multiple counties in Illinois, sparking significant concerns over election security and voter privacy. The databases, managed by Platinum Technology Resource, were found…

Read more →

In June, the HIPAA Journal reported a story that seems to be the trifecta of insider threat, third party risk, and medical technology risk. A terminated subcontractor employee of a medical transcription service stole at least one million patient records.…

Read more →

Proficio, a Managed Detection and Response (MDR) provider, has rolled out its ProBAS Breach and Attack Simulation service. The solution “rigorously” tests businesses’ security defenses, to ensure they can prevent compromise events and detect attacks throughout the entire threat detection and…

Read more →

Security researchers at Kaspersky have uncovered a new Android spyware campaign called LianSpy, which has been used for cyberespionage against targeted Android device users in Russia. The malware, dubbed “LianSpy,” has been in operation since July 2021, quietly harvesting sensitive…

Read more →

Wristband, a developer-first authentication platform designed for B2B SaaS, has released the public beta launch of its B2B authentication platform. Jim Verducci, CEO of Wristband, says building robust B2B authentication in-house is a complex and time-consuming process that can take…

Read more →

The cyber espionage group dubbed Evasive Panda (also known as StormBamboo and previously tracked as StromCloud) compromised an unnamed Internet Service Provider (ISP) in mid-2023 to push malicious software updates to target entities. This incident marks a significant escalation in…

Read more →

Infosec Institute, a cybersecurity education provider, is parterning with Career.io, a provider of professional career-development products and services. This collaboration aims to offer comprehensive career services to students enrolled in Infosec’s Immersive Boot Camps, equipping them with the skills and…

Read more →

A recently discovered vulnerability in the Domain Name System (DNS), dubbed ‘Sitting Ducks,’ has left millions of domains susceptible to hijacking. This attack vector, actively exploited since 2019, enables threat actors to deliver malware, phish, impersonate brands, and exfiltrate data.…

Read more →

Nearly half (49%) of spam emails can be attributed to BEC scams, with the CEO, HR, and IT being the most common targets. Alarmingly, some 40% of BEC emails are AI-generated, and in some instances, AI more than likely created…

Read more →

Nearly half (49%) of spam emails can be attributed to BEC scams, with the CEO, HR, and IT being the most common targets. Alarmingly, some 40% of BEC emails are AI-generated, and in some instances, AI more than likely created…

Read more →

Staff Reporter Over the past year, ransomware attacks have reached unprecedented levels of ambition and boldness, highlighted by a significant increase in extortion attacks. In fact, research from Zscaler ThreatLabz revealed an unparalleled ransom payout of $75 million – the…

Read more →

In today’s digital landscape, cybercriminals pose a perpetual threat to organisations. We are repeatedly reminded of the consequences of inadequate cybersecurity measures. In a cybersecurity breach, response time is critical to mitigating damage. Most cyber-attacks are like wildfires. Without the…

Read more →

Today’s businesses rely heavily on technology to streamline operations, enhance productivity, and connect with customers. However, this dependency has also opened the door to a growing threat: ransomware attacks. By 2031, the cost of ransomware attacks is estimated to reach…

Read more →

In the complex world of compliance, professionals deal with many responsibilities that go well beyond just cybersecurity.  Compliance can encompass areas such as financial regulations, anti-money laundering practices, and safety standards, each requiring its own set of specialized skills; however,…

Read more →

Home users and businesses use NAS (Network-Attached Storage) to store and manage data clearly and organise it and make it easy to access. With simplified scripts and hardware pre-installed with an optimised operating system, the NAS architecture helps improve the…

Read more →

In today’s digital world, cybersecurity is a top concern for organizations of all sizes. As our reliance on technology grows, so do the risks associated with cyber threats. Many organizations are turning to threat intelligence as a critical component of…

Read more →

We live in an era where customers demand convenience and instant gratification and want to use their smartphones and mobile devices to access their apps and services instantly. At the same time, trust in established brands such as Google or…

Read more →

The human factor often plays a role in data breaches, primarily because their inherent biases can be exploited. This vulnerability is especially pronounced in the digital age, where user authentication is a cornerstone of online applications and services. The most…

Read more →