Tag: Information Security Buzz

NHS England’s National Cyber Security Operations Centre (CSOC) has issued a high-severity cyber alert in response to the active exploitation of a critical vulnerability, CVE-2024-40711, in Veeam’s Backup & Replication software. This alert follows Veeam’s security bulletin from September, which…

Read more →

Several interesting trends are emerging in the cybersecurity landscape, particularly the emergence of artificial intelligence (AI)-driven malware, as well as the ongoing dominance of ransomware threats. Threat actors have started using GenAI as part of their attack infrastructure, which illustrates…

Read more →

Cybercriminals are increasingly exploiting OpenAI’s model, ChatGPT, to carry out a range of malicious activities, including malware development, misinformation campaigns, and spear-phishing. A new report revealed that since the beginning of 2024, OpenAI has disrupted over 20 deceptive operations worldwide,…

Read more →

As we strive to “Secure Our World” this Cybersecurity Awareness Month, a few irrepressible haunts keep rearing their ugly heads. Here are some of the most malicious monsters hiding under our proverbial cybersecurity beds and what we need to know…

Read more →

Today’s businesses must navigate evolving technologies, customer expectations, and security threats. Digital assurance is emerging as a pillar of this transformation, ensuring that enterprises can mitigate risks, deliver reliable systems, and create long-term business value. Digital assurance is a key…

Read more →

Researchers at Jscrambler have uncovered a new skimming campaign dubbed the “Mongolian Skimmer.” This malware, initially detected through intelligence shared by Sansec, distinguishes itself through its use of unusual Unicode characters to obfuscate JavaScript code. Although at first glance, this…

Read more →

A whopping almost 32 million records and around 110 TB of data belonging to tech users from Trackman were left exposed to the internet. The database exposed user names, email addresses, device information, IP addresses, and security tokens. They were…

Read more →

Developers are spending significantly more time, and companies are spending 28K per developer each year on security-related tasks, such as manual application scan reviews, context switching, and secrets detection, among other things. This was revealed by JFrog, the Liquid Software company…

Read more →

Palo Alto Networks has issued an urgent advisory for its customers following the discovery of multiple critical vulnerabilities in its Expedition tool, which assists with firewall configuration migration. The vulnerabilities are as follows: CVE-2024-9463 has a score of 9.9. It’s…

Read more →

We had such an overwhelming response to our first article, which shared industry expert opinions during Cybersecurity Awareness Month, that we’ll be publishing another few articles with more expert insights over the next few weeks. Following on with the theme…

Read more →

A cyber-enabled disinformation campaign, dubbed Operation MiddleFloor, is targeting Moldova’s government and educational sectors, according to Check Point Research. The campaign began in early August and appears to have been aimed at influencing the country’s presidential elections on 20 October,…

Read more →

It’s often said, but worth repeating: In cybersecurity, we simply cannot afford to neglect the basics. Focus has increasingly shifted to the ‘scarier’ threats posed by Artificial Intelligence (AI) and other disruptive technologies, and many have been overlooking the basics…

Read more →

In the dynamic world of software development, security challenges are advancing at a rapid pace. Black Duck’s 2024 “Global State of DevSecOps” report examines the evolving trends and concerns in application security, drawing insights from a survey of over 1,000…

Read more →

Early Saturday morning, Lego’s website briefly fell victim to a crypto scam that advertised a fake Lego coin token.  The scam appeared as a banner on the homepage, positioned below an advertisement for Lego’s new Fortnite collaboration, which features building…

Read more →

Cyber threats are ubiquitous and constantly evolving and companies are in dire need of robust defense mechanisms to protect their digital assets and ensure business continuity. Remote Browser Isolation (RBI) technology has emerged as a pivotal solution, offering a unique…

Read more →

American Water, the largest publicly traded water and wastewater utility in the United States, has had to shut down certain systems following a cyberattack. The attack impacted the company’s online customer portal, MyWater, and paused billing services. In its 8-K…

Read more →

A newly active botnet, dubbed “Gorilla Botnet,” has unleashed a gargantuan wave of cyberattacks this past September, according to the NSFOCUS Global Threat Hunting System. During a surge in activity from September 4 to September 27, Gorilla Botnet issued more…

Read more →

VIPRE Security Group, a cybersecurity, privacy, and data protection company, has debuted a combined VIPRE Endpoint EDR+MDR package. This managed protection package provides organisations of all sizes with cost-effective, advanced, and around-the-clock endpoint security. For managed service providers (MSPs), this…

Read more →

Akamai researchers have identified a critical vulnerability in the Common Unix Printing System (CUPS) that could allow malicious actors to initiate powerful distributed denial-of-service (DDoS) attacks with minimal resources. Approximately 58,000 exposed devices are potentially at risk, posing a serious…

Read more →

CloudSEK, a provider of AI-driven cybersecurity solutions, has debuted Deep Fake Detection Technology, which is now available for free. The company says this initiative is part of its commitment to providing society with resources to combat cybercrime. Advanced Deep Fake…

Read more →