Category: Information Security Buzz

In a newly seen phishing campaign, malicious actors have exploited URL manipulation techniques to obfuscate their malicious links, compromising businesses and individuals worldwide.   Check Point researchers identified a whopping 200,000 phishing emails abusing URL information to hide phishing links, with…

Read more →

2025 promises to be a big year in cybersecurity—for all the wrong reasons. While many are familiar with the projection that cybercrime will cost $10.5 trillion, Forrester’s updated report projects the costs will likely be closer to $12 trillion. To…

Read more →

The second annual Fortra State of Cybersecurity Survey is here. It reveals that organizations are ensuring their foundational and fundamental cybersecurity position is robust to combat more sophisticated threats and comply with more stringent regulations. We also see a rise…

Read more →

By 2025, the first major breach of a knowledge management generative artificial intelligence (Gen AI) solution chatbot will make global headlines. This will mark a turning point in cybersecurity for all industries. The widespread adoption of Gen AI-based business solutions…

Read more →

Cyberattacks in the automotive industry are on the rise. They’re also becoming more impactful. And the gap between the risk landscape and organizational resilience is growing. Automotive cybersecurity is at a critical moment, and the choice is clear: close the…

Read more →

Ransomware attacks are no longer a question of “if” but “when” or even “how often”. In this candid interview, Nigel Sampson, a cybersecurity professional, chatted to Joe Pettit, Director at Bora, to share his experience dealing with a LockBit ransomware…

Read more →

Cybercrime-as-a-Service (CaaS) is more than just a trend—it’s here to stay. As sophisticated attack tools become widely (and easily) available, even less experienced cybercriminals can now carry out highly disruptive campaigns.   In fact, Malware-as-a-Service (MaaS) now makes up 57% of…

Read more →

A recent analysis by cybersecurity firm Hudson Rock on its Infostealers site has uncovered alarming vulnerabilities within the US military and its defense contractors due to widespread info stealer malware infections.   According to the company, these infections have compromised sensitive…

Read more →

There are two types of companies, as the saying goes: those that have been hacked and those that don’t know they’ve been hacked. This is especially true in financial services. According to the IMF’s Global Financial Stability Report, nearly one-fifth…

Read more →

Researchers from Trend Micro’s Threat Hunting team have uncovered a new technique employed by the advanced persistent threat (APT) group dubbed Mustang Panda or Earth Preta.   The cyberespionage group has been abusing the Microsoft Application Virtualization Injector (MAVInject.exe) to stealthily…

Read more →

The Qualys Threat Research Unit (TRU) has uncovered two significant vulnerabilities in OpenSSH, a widely used open-source implementation of the Secure Shell (SSH) protocol.   These flaws, tracked as CVE-2025-26465 and CVE-2025-26466, pose substantial security risks to enterprise infrastructure and encrypted…

Read more →

Various threat actors and organizations are expected to undergo significant changes. Deep and Dark Web (DDW) marketplaces will likely be influenced and governed by law enforcement operations and geopolitical factors, while ransomware, digital extortion, and social engineering will continue to…

Read more →

South Korea has formally suspended new downloads of the Chinese AI chatbot DeepSeek, citing concerns over data privacy and compliance with domestic regulations. The suspension took effect on 15  February, according to the Personal Information Protection Commission (PIPC).   While downloads…

Read more →

In the last year, we’ve seen threats become more elaborate and tactical as they leverage the latest technologies. In 2024, data breaches reached the second highest level on record, with 3,158 compromises on the year exposing the data of more…

Read more →

Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that targets users by infecting Xcode projects. While the latest variant has only been observed in limited attacks, security researchers warn that its enhanced capabilities…

Read more →

As entities of every sector move more apps and workloads to the cloud, security is becoming a top priority. Microsoft Azure, one of the world’s most popular cloud platforms, provides a range of security tools and best practices to help…

Read more →

Jeremiah Fowler, an experienced cybersecurity researcher at vpnMentor and co-founder of Security Discovery, has uncovered a massive data exposure involving nearly 2.7 billion records linked to Mars Hydro, a China-based manufacturer of IoT-enabled grow lights.   The breach, which included sensitive…

Read more →

In MS SQL Server, master database is the primary database that stores system information. This includes login details, linked servers, endpoints, system configurations, existence of other databases, etc. If the master database gets corrupted or damaged, the SQL Server service…

Read more →

eSentire’s Threat Response Unit (TRU) has uncovered a new cyber espionage campaign leveraging a legitimate Adobe executable to sideload the EarthKapre/RedCurl loader. The attack specifically targeted a firm in the Legal Services industry, highlighting the group’s persistent focus on corporate…

Read more →

Two years ago this summer, I became a single mum. It was a bit of a hectic time. I was pregnant with my second child, and my toddler was full of energy. I needed to quickly learn how to balance…

Read more →