Tag: Information Security Buzz

In the short time since its debut, DeepSeek has made waves in the AI industry, garnering praise as well as scrutiny. The model’s meteoric rise has fueled debate over its claimed efficiency, intellectual property worries, and its general reliability and…

Read more →

Ransomware payments decreased by 35.82% year-over-year (YoY) in 2024, research from Chainalysis has revealed. The blockchain analytics company attributes much of this decrease to increased law enforcement actions, improved international collaboration, and a growing refusal of victims to pay.   While,…

Read more →

The UK and the US have opted not to sign an international agreement on artificial intelligence (AI) at a global summit held in Paris. The declaration—endorsed by multiple countries including France, China, and India—commits to an “open,” “inclusive,” and “ethical”…

Read more →

As IT environments grow increasingly complex, the necessity for advanced security measures at the endpoint level has never been more critical. This year will bring a wave of new challenges and opportunities in cybersecurity. Two prominent trends that will shape…

Read more →

Cybercriminals are rapidly evolving their tactics for exploiting large language models (LLMs), with recent evidence showing a surge in LLMjacking incidents. Since Sysdig TRT first discovered LLMjacking in May 2024,  it says attackers have continuously adapted, targeting new models such…

Read more →

Organizations are increasingly prioritizing compliance due to recent regulatory requirements, such as those from the US Government regarding the sale of software to the US government and the EU’s Digital Operational Resilience Act (DORA).   This was one of the findings…

Read more →

Sectigo has introduced Sectigo PQC Labs, a testing platform developed in collaboration with Crypto4A, a provider of quantum-safe Hardware Security Modules (HSMs).   The platform aims to help companies prepare for the transition to post-quantum cryptography (PQC) by offering a secure…

Read more →

The software industry is full of surprises. From development to user experience, it`s a vast avenue of innovations, problem-solving, and security hurdles, driving to create a better and reliable digital landscape for everyone. We spoke with Paul Davis, Field CISO at JFrog,…

Read more →

Morphisec Threat Labs has uncovered cunning new delivery techniques used by ValleyRAT, a sophisticated multi-stage malware attributed to the Silver Fox APT.   The malware, which primarily targets key roles in finance, accounting, and sales, has evolved with updated tactics, techniques,…

Read more →

For long-time cybersecurity industry veterans, we’re in an age that once we never thought possible; cybersecurity has moved from a backroom, “IT-only” relegation to a top-of-mind business objective. Right where we always thought it should be. However, this new era…

Read more →

A recent security analysis conducted by Qualys, using its AualysTotalAI solution, has raised significant concerns about DeepSeek-RI’s risks, particularly in enterprise and regulatory settings.  The newly released large language model (LLM) has captured global attention with its promise of high…

Read more →

Malware designed to steal credentials from password stores now accounts for 25% of all malware activity—a dramatic threefold increase in this type of threat.  This was one of the findings of Picus Security’s annual cybersecurity analysis, The Red Report 2025.…

Read more →

2024 was a brutal year for data security, with some of the world’s biggest companies suffering breaches that exposed millions of sensitive records.   The attacks were carried out by well-known cybercriminal groups, including Alphv/BlackCat, Qilin, and Rhysida, and shone a…

Read more →

As the UK government rolls out its ambitious AI Opportunity Action Plan to enable greater implementation of new technologies to boost economic growth, it faces a critical challenge: ensuring every industry is prepared for this seismic shift.  Interestingly, both UK…

Read more →

A new threat actor, dubbed Tangerine Turkey by Red Canary’s intelligence team, is attracting attention thanks to its sophisticated use of a Visual Basic Script (VBScript) worm that delivers a crypto mining payload.   First seen in November last year, Tangerine…

Read more →

Smiths Group, a multinational engineering business, has disclosed a data breach. The company, which is based in London but employees more than 15,000 people in over 50 countries, published a filing to the London Stock Exchange (LSE) on Tuesday saying…

Read more →

Malicious actors have exploited the rising popularity of DeepSeek AI to distribute two malicious infostealer packages through the Python Package Index (PyPI), impersonating legitimate developer tools for the AI platform.   Researchers at Positive Technologies discovered and reported the campaign, which…

Read more →

CISOs today must decide what is an acceptable risk to their organization. It’s an impossible equation to solve as enterprise attack surfaces are rapidly expanding, necessitating the need for a modernized approach to risk assessment. The most forward-thinking CISOs use…

Read more →

The average time it takes for an attacker to move laterally after gaining initial access – known as breakout time – has plummeted to just 48 minutes, new research from ReliaQuest has revealed.   These results represent a 2% increase in…

Read more →

Security leaders often have a narrow view of human-element breaches, thinking of them as either social engineering or human error, but there’s more to it than that. Breaches that start with a person can be divided into broader categories, including…

Read more →