Tag: Information Security Buzz

On January 17TH, 2025, the EU’s Digital Operational Resilience Act (DORA) came into effect. However, a recent survey of 200 UK CISOs from Censuswide found that 43% of the UK financial services industry will miss this compliance deadline despite facing…

Read more →

The US Department of Justice (DoJ) and the Dutch National Police have seized 39 domains linked to a Pakistan-based cybercrime network operated by a group known as Saim Raza, or HeartSender. The sites sold malicious tools to transnational organized crime…

Read more →

As artificial intelligence (AI) continues to transform industries, governments worldwide are racing to implement regulations that ensure its safe and ethical use.   From the EU AI Act to the White House’s Executive Order 14110 on AI, new frameworks set new…

Read more →

In the cybersecurity industry, we tend to look forward. And for good reason: cybersecurity is one of the fastest-moving, most dynamic fields out there. Staying in the fight against cybercriminals relies utterly on not just keeping up with the latest…

Read more →

Global zero-day incidents often reveal the vulnerability of organizations to risks originating from third-party resources. These moments are wake-up calls, highlighting the need for effective third-party risk management (TPRM). However, responding to such events is rarely straightforward. Identifying affected third…

Read more →

API attack traffic rose by 681% over a 12-month period, far outpacing the 321% increase in overall API call volume – a dramatic surge that highlights threat actors’ growing focus on APIs as attack vectors.  This was one of the…

Read more →

Chinese artificial intelligence (AI) startup DeepSeek, which has taken the market by storm, has temporarily limited new user registrations following a large-scale cyberattack that disrupted its services.   According to Reuters, the attack coincided with the company’s AI assistant becoming the…

Read more →

Every year, 28 January marks Data Privacy Day, a global event dedicated to championing the importance of data protection and privacy in our increasingly digital, connected world.   Established by the Council of Europe in 2006, this day commemorates the anniversary…

Read more →

In a newly discovered phishing campaign, malicious actors are using malicious PDF files to target mobile device users in potentially more than 50 countries.   Dubbed the “PDF Mishing Attack,” the campaign exploits the widespread trust in PDFs as a secure…

Read more →

The Federal Trade Commission (FTC) has filed a complaint that GoDaddy has violated Section 5 of the FTC Act pertaining to “unfair methods of competition” through “unfair or deceptive acts or practices.” The complaint details how GoDaddy’s failure to implement…

Read more →

Containerization technologies have transformed how applications are built, deployed, and managed. From speeding up production cycles to enabling seamless scalability, they have become the backbone of mission-critical enterprise applications. Gartner predicts that by 2027, 90% of global organizations will run…

Read more →

At the conclusion of each calendar year, organizations and observers across all industries try to put forward predictions on what the new year might hold, and we at Thales were no exception. In the latest episode of our Thales Security…

Read more →

Age verification laws for adult websites have led to a dramatic surge in VPN usage across the United States, research from vpnMentor’s Cybersecurity and Research Lab has revealed. The research brings into question the efficacy of these laws as users…

Read more →

Enterprises want it all, and they want it now – or at least within a few seconds. They want the benefits that GenAI can bring, like fast content and strategic advice based on data inputs. It’s not surprising that GenAI…

Read more →

Code Intelligence has started 2025 with a bang and captured the interest of the cybersecurity community by announcing ‘Spark,’ their new AI Test Agent, ahead of a launch party later this month. Influential AI-automated software testing company Code Intelligence has…

Read more →

Homebrew, the popular open-source macOS and Linux package manager has become the latest victim of a malvertising campaign to distribute information-stealing malware. Security researcher Ryan Chenkie uncovered the scheme, which leverages fake Google ads to deliver malware that compromises user…

Read more →

The healthcare industry is at a pivotal moment. The recent updates to HIPAA represent the most significant overhaul in healthcare data privacy regulations in years. The changes are designed to address the growing need to protect sensitive patient information amidst…

Read more →

In a new and ongoing large-scale cyber campaign, Qualys researchers have uncovered a variant of the infamous Mirai botnet called the Murdoc Botnet. This variant exploits vulnerabilities in widely used AVTECH Cameras and Huawei HG532 routers, allowing malicious actors to…

Read more →

Despite the increase in cloud adoption, there`s a notable decrease in confidence in handling cloud threats in real-time. The skills shortage is also a major challenge with 95% being moderately to extremely concerned and 76% being directly impacted. These were…

Read more →

A concerning security flaw has been identified in OpenAI’s ChatGPT API, allowing malicious actors to execute Reflective Distributed Denial of Service (DDoS) attacks on arbitrary websites. This vulnerability, rated with a high severity CVSS score of 8.6, stems from improper…

Read more →