Tag: Information Security Buzz

ReliaQuest has released a detailed investigation into a cyber intrusion that impacted a manufacturing company in October 2024. The attack has been attributed with high confidence to the predominantly English-speaking cyber collective “Scattered Spider,” now partnering with the notorious “RansomHub”…

Read more →

As we wrap up our Cybersecurity Awareness Month series, we’d like to extend a huge thank you to everyone who contributed their insights and expertise. The response to this series has been incredible, and we’re grateful for the valuable advice…

Read more →

WhatsApp is rolling out a series of updates aimed at making it easier for users to manage their contacts privately across devices. Previously, users could only add contacts via their mobile device by entering a phone number or scanning a…

Read more →

In a new and sophisticated campaign, the infamous North Korean-affiliated Lazarus APT group and its BlueNoroff subgroup have once again proven their expertise in exploiting zero-day vulnerabilities. The group, known for targeting financial institutions, governments, and even cryptocurrency platforms, has…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has announced a set of proposed security requirements aimed at protecting Americans’ sensitive personal data and government-related information from foreign adversaries. These measures are part of the implementation of Executive Order 14117,…

Read more →

Cybersecurity has become a critical concern for businesses of all sizes. With cyber threats becoming more sophisticated and frequent, the cost of cybersecurity breaches continues to rise dramatically. In fact, the Netwrix 2024 Hybrid Security Trends Report found that 79% of organizations…

Read more →

The manufacturing industry has emerged as the most targeted by cyber attacks, accounting for more than 25% of incidents across the top 10 sectors, with 45% of these involving malware. The industry’s appeal to malefactors has grown, largely due to…

Read more →

Cybersecurity experts from Positive Technologies’ Security Expert Center (PT ESC) have uncovered an exploit targeting Roundcube Webmail, an open-source email client written in PHP.   According to the researchers, Roundcube’s “extensive functionality and the convenient access it gives users to email accounts via a browser—without the…

Read more →

The manufacturing industry has emerged as the most targeted by cyber attacks, accounting for more than 25% of incidents across the top 10 sectors, with 45% of these involving malware. The industry’s appeal to malefactors has grown, largely due to…

Read more →

A staggering 70% of exploited vulnerabilities in 2023 were leveraged as zero days, meaning threat actors exploited the flaws in attacks before the impacted vendors knew of the bug’s existence or had been able to patch them. In addition, the…

Read more →

The NHS App is set to undergo a major transformation, with plans to make full medical records, test results, and doctor’s letters accessible to patients across England. This initiative is part of a new 10-year strategy aimed at revolutionizing how…

Read more →

A staggering 44% of CISOs were unable to detect a data breach in the last 12 months using existing security tools. Moreover, nearly three-quarters (70%) of CISOs feel their current security tools are ineffective at detecting breaches due to limited…

Read more →

Fortra’s Q2 2024 report has unveiled a series of concerning trends in the digital threat landscape, analyzing hundreds of thousands of attacks on enterprises, their employees, and brands across domains, social media, counterfeit websites, and the dark web. The findings…

Read more →

Cybersecurity is becoming necessary across multiple industries as they adapt to a technologically driven society. Construction is a perfect example, as most operations a decade ago would consist of human labor. Technological advancements explicitly built for the sector — like…

Read more →

A novel attack, dubbed ConfusedPilot, has been discovered, targeting widely used Retrieval Augmented Generation (RAG)-based AI systems such as Microsoft 365 Copilot.  This method allows malicious actors to manipulate AI-generated responses by introducing malicious content into documents referenced by these…

Read more →

Due to the tremendous feedback we received on our first two articles, which shared invaluable cybersecurity advice from industry experts, we’re excited to continue the series with even more insights. In this third installment, we delve deeper into the theme…

Read more →

Identity management, particularly privileged identity management, forms the backbone of an effective cybersecurity strategy. The ManageEngine Identity Security Survey 2024 sheds light on the current state of identity management, gathering insights from security decision-makers worldwide. The Importance of Identity Management…

Read more →

Leading artificial intelligence (AI) models are failing to meet key European regulatory standards in areas such as cybersecurity resilience and prevention of discriminatory outputs, according to data obtained by Reuters. The EU AI Act is being implemented in phases over…

Read more →

Iranian cyber actors are targeting organizations across critical infrastructure sectors, using brute force techniques to obtain user credentials and sell sensitive information on cybercriminal forums. The attacks have affected healthcare, government, information technology, engineering, and energy sectors. This was announced…

Read more →

Sophisticated and complex threats fuel rapid and profound change in the cybersecurity landscape. Malicious actors are exploiting advanced technologies, like artificial intelligence (AI), to launch more targeted, destructive attacks that are harder to detect. As yesterday’s security solutions battle to…

Read more →