Tag: Information Security Buzz

Almost 17,000 Volvo employees have had their personal data exposed after attackers breached Conduent, an outsourcing company that manages workforce benefits and back-office services.   In a filing with the Maine Attorney General, Volvo Group North America said it learned in late January that employee data had been exposed through systems run by Conduent.  …

Read more →

For years, cybersecurity strategies have focused on people. From employees and contractors to partners and insiders, that familiar ‘humans are the weakest link’ rhetoric has defined the industry for decades. The tools and strategies developed to defend against threats, like…

Read more →

In many ways, managing security for citizen-developer apps is like flying several planes built by different manufacturers all at once. That’s because each no-code development platform uses separate dashboards, controls, policy engines, etc. Microsoft Power Platform measures altitude in feet,…

Read more →

What to Look for in a Pentesting Platform? Pen testing is increasingly becoming the way companies prove compliance with data privacy laws and battle-test their defenses. As the primary way of finding and exploiting vulnerabilities (before attackers do), pen testing…

Read more →

Saturday 28 October 2023 is a date that will live long in the memory of staff at the British Library. As they arrived for work that day, they encountered chaos taking place. Servers were no longer online. Crucial systems were…

Read more →

As we settle into 2026, the cybersecurity industry is experiencing dramatic change. AI, AI agents, Quantum, and even traditional attack techniques are developing in ways that impact how we protect our organisations and even how we communicate with our customers.…

Read more →

Media platform Substack has disclosed a data breach that exposed email addresses, phone numbers, and internal metadata of an unknown number of users. Credit card numbers, passwords, and financial information were not accessed.  In an email, Substack CEO Chris Best informed affected…

Read more →

The Olympics have traditionally been a major attack vector for cyber disruption, espionage, and financially motivated attacks.   The 2018 Winter Olympic Games in PyeongChang saw the Olympic Destroyer malware used to disrupt Wi-Fi, ticket, and venue systems during the opening…

Read more →

The Everest ransomware group has claimed responsibility for the breach against the global information management and storage firm Iron Mountain, stating that it stole approximately 1.4 terabytes of the firm’s internal and customer data.   The claims were made through the group’s posts on the…

Read more →

Attackers have hijacked the update mechanism of Notepad++, one of the world’s most popular open-source text editors, delivering  malware to targeted users over a period of six months.  In an advisory, developer Don Ho discussed how bad actors weaponized his two-decade-old project between June and December last year.  An…

Read more →

In 2025, attackers didn’t only target traditional areas of vulnerability; they went after those with the least defense and the most rapid change. These include new AI technologies, web applications, and operational technology (OT) for industries such as healthcare, manufacturing, energy, government, and finance.   In fact, attacks against OT protocol rose by…

Read more →

Microsoft has warned that information-stealing attacks are rapidly expanding beyond Windows to target Apple macOS environments using cross-platform languages such as Python.  The software giant’s Defender Security Research Team has observed macOS-targeted infostealer campaigns using social engineering techniques like ClickFix since late 2025 to distribute disk…

Read more →

Cybersecurity spend is projected to reach $183 billion by 2028, but that growth masks a dangerous misconception. Many midmarket organizations equate rising IT budgets with improved security, assuming that broad spending on technology automatically translates to better protection. However, this…

Read more →

A Shopify plugin meant to safeguard privacy did the opposite. For over 100 days, it quietly exposed hundreds of online stores to the kind of risk most businesses dread; data theft, full account takeover, and hijacked ad spend.  Ironically, the…

Read more →

A global police operation has dealt a heavy blow to the pro-Russian cybercrime network dubbed NoName057(16), which has been accused of launching disruptive digital attacks in support of Moscow’s war against Ukraine. Between 14 and 17 July, law enforcement agencies…

Read more →

Every year, the security community attends regional conferences, which offer a combination of educational learning, hands-on training, and the opportunity to meet with new and familiar faces. Steelcon takes place in Sheffield in mid-July. This year, the conference marked its…

Read more →

Cyber attacks are rising. Fast.  In the second quarter of 2025, entities around the world faced an average of 1,984 cyber attacks each week.  This was revealed by new research from Check Point.  That’s a 21% increase from the same…

Read more →

Cybercriminals have found a new way to stay hidden in plain sight. They’re using artificial intelligence to cloak phishing sites, fake stores, and malware traps, shielding them from scanners while still reaching real victims. This was revealed by recent research…

Read more →

The infamous cybercrime group known as Scattered Spider is expanding its playbook, and laying the groundwork long before the breach. New findings from Check Point Research reveal a sprawling infrastructure of more than 500 phishing domains, many designed to impersonate…

Read more →

The ransomware crisis continues to deepen. In the first half of 2025, 3,627 attacks were logged worldwide, a 47% jump from the same period last year. But confirmation remains scarce. According to Comparitech, of those incidents, just 445 were publicly…

Read more →