Category: Information Security Buzz

As the goal posts of what it means to be (and remain) ‘cyber secure’ constantly change, one thing stays constant: all organizations are viable targets for cybercriminals. It doesn’t matter whether you’re a large enterprise business, startup, or a government…

Read more →

2025 is set to be a massive year for MSPs, the latest MSP Horizons 2025 Report from N-able suggests. Fuelled by robust cybersecurity investments, AI-driven automation, and a surge in M&A activity, the industry is poised for significant growth, with…

Read more →

For their Breaking Digital Trust Report, researchers from Keyfactor analyzed 500,000 digital certificates to identify common certificate defects that could impact organizational security and determine the scale of the issue. They discovered that 91,239 of the 504,736 certificates, a concerning…

Read more →

Phishing and social engineering attacks are exploding as threat actors increasingly discover that humans are the most exploitable entry point in organizations. Unfortunately, 70% of organizations still report that their employees lack critical cybersecurity knowledge, even when many have a…

Read more →

A global effort led by Fortra, Microsoft’s Digital Crimes Unit (DCU), and the Health Information Sharing and Analysis Center (ISAC) has reduced access to weaponized versions of the powerful hacking tool Cobalt Strike by 80%.  Dramatic Reduction in Dwell Time …

Read more →

Did you know that your smart washing machine could be hacked, leading to the theft of your data?  It’s surprising, but this viral story on Twitter will make you rethink smart technology. Smart washing machines are known to consume no…

Read more →

Since 2020, the push for consolidating cybersecurity solutions has gained significant momentum. In 2021, Gartner highlighted vendor consolidation as one of the top security and risk trends. Their article, The Top 8 Security and Risk Trends We’re Watching, revealed that 75%…

Read more →

Following the conclusion of some of their matches this season, as with any other season, the sentiment among Leeds United football supporters that they have “been robbed” can be heard reverberating around the ground, on the terraces, and in the…

Read more →

Broadcom has issued a security alert warning VMware customers about three zero-day vulnerabilities attackers are actively exploiting in the wild. The flaws – CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 – impact VMware ESX products, including VMware ESXi, vSphere, Workstation, Fusion, Cloud Foundation,…

Read more →

Researchers from Socket have identified an ongoing campaign involving at least seven typosquatted Go packages. These packages impersonate well-known Go libraries and are designed to deploy loader malware on Linux and macOS systems.   Typosquatted packages are malicious software components designed…

Read more →

Cybercriminals are more sophisticated than ever, a new report from CrowdStrike reveals. Breakout times are falling, social engineering is becoming more common and effective, and cyber espionage – particularly that originating in China – is growing increasingly aggressive.   “Our latest…

Read more →

Microsoft Threat Intelligence has warned of a shift in tactics by Silk Typhoon, a Chinese espionage group that is now exploiting vulnerabilities in common IT solutions—including remote management tools and cloud applications—to gain initial access to target entities.   The software…

Read more →

Admins are in a tough position right now. Enterprise ecosystems are expanding, role responsibilities are growing, and hackers are getting smarter. Rather than viewing AI as another potential vulnerability, Hexnode CEO Apu Pavithran argues that admins must embrace it as…

Read more →

A major Microsoft outage on 1 March left tens of thousands unable to access key services like Outlook, Teams, and Office 365 for over three hours. Microsoft has not fully explained the cause but blamed a “problematic code change.”  Timeline…

Read more →

Google has issued an urgent security alert addressing two critical Android vulnerabilities, CVE-2024-43093 and CVE-2024-50302, which are actively being exploited in coordinated attacks targeting devices running Android versions 12 through 15.   The vulnerabilities, patched in the March 2025 Android Security…

Read more →

A new cyber espionage campaign has been uncovered targeting a select group of entities in the United Arab Emirates (UAE), focusing on aviation, satellite communications, and critical transportation infrastructure.   The attack, identified by Proofpoint researchers, used advanced obfuscation techniques and…

Read more →

AI-driven automation and real-time transaction monitoring are the top priorities for organizations seeking to combat fraud, the 2025 Digital Fraud Outlook report published by SEON has revealed. Fraud Budgets Grow, But ROI is Complicated According to the report, 85% of…

Read more →

The Splunk Threat Research Team has uncovered a widespread cyber campaign targeting Internet Service Provider (ISP) infrastructure providers on the West Coast of the United States and in China. Over 4,000 ISP-related IPs were explicitly targeted in this campaign.  The…

Read more →

JFrog a liquid software company and creators of the JFrog Software Supply Chain Platform, has debuted  JFrog ML, a MLOps solution as part of the JFrog Platform designed to enable development teams, data scientists and ML engineers to quickly develop…

Read more →

Cybersecurity information sharing is a crucial element of a strong security culture, and organizations should actively facilitate and encourage it to reduce human risk, a new report from KnowBe4 argues.   Called “Cybersecurity Information Sharing as an Element of Sustainable Security…

Read more →