Tag: Information Security Buzz

OpenAI has officially called on US lawmakers to exempt it from complying with state-level AI regulations, instead urging a unified approach under federal AI rules. It argues that a consistent, nationwide framework is critical to maintain US leadership in AI…

Read more →

The NHS is investigating claims made by a whistleblower regarding a security flaw at Medefer, an online healthcare provider working with the NHS. The whistleblower alleged that a flaw in the company’s application programming interface (API) exposed NHS patient data.…

Read more →

Google’s Threat Analysis Group (TAG) and Mandiant have uncovered a sophisticated espionage campaign linked to China-nexus threat actors, targeting vulnerable Juniper routers used in enterprise and government networks worldwide. This discovery highlights the ongoing risks posed by state-sponsored attacks against…

Read more →

In a joint advisory, US federal agencies have issued a cybersecurity warning about a sharp increase in attacks by Medusa ransomware, urging business leaders and IT teams to act immediately to protect their organizations.  The Federal Bureau of Investigation (FBI),…

Read more →

Kansas-based Sunflower Medical Group disclosed to authorities on 7th March that they had suffered a data breach compromising the personal and confidential information of 220,968 individuals.  In a statement on their website entitled ‘Notice of a Data Security Incident,’ Sunflower provided…

Read more →

Last month, employees at the UK-based engineering firm, Arup, were tricked by a deepfake video of the company’s CFO into transferring $25 million to cybercriminals. This isn’t an anomaly. It’s further proof that social engineering has become cybersecurity’s most costly…

Read more →

New research has revealed that although 86% of employees believe they can confidently identify phishing emails, nearly half have fallen for scams.   The study, conducted by KnowBe4, surveyed professionals in the UK, USA, Germany, France, Netherlands, and South Africa and…

Read more →

The House of Representatives has passed a bill that mandates contractors working with the federal government implement vulnerability disclosure policies (VDPs) in alignment with NIST guidelines.    The Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025, introduced by Chairwoman Nancy Mace…

Read more →

Elon Musk confirmed yesterday that social media platform X was hit by a “massive cyberattack” affecting users since Monday, causing issues like the inability to view posts or profiles properly. “There was (still is) a massive cyberattack against ,” he…

Read more →

A phishing email pretending to be from Binance, offering people the chance to claim newly created TRUMP coins, has turned out to be a phishing lure.   Cofense is warning that if victims follow the email’s instructions and download what is…

Read more →

YouTube was forced to release a statement last week warning users that fraudulent artificial intelligence (AI)- generated videos depicting their CEO Neal Mohan announcing changes in monetization were in circulation. The deepfake videos were sent out as private videos to…

Read more →

As the goal posts of what it means to be (and remain) ‘cyber secure’ constantly change, one thing stays constant: all organizations are viable targets for cybercriminals. It doesn’t matter whether you’re a large enterprise business, startup, or a government…

Read more →

2025 is set to be a massive year for MSPs, the latest MSP Horizons 2025 Report from N-able suggests. Fuelled by robust cybersecurity investments, AI-driven automation, and a surge in M&A activity, the industry is poised for significant growth, with…

Read more →

For their Breaking Digital Trust Report, researchers from Keyfactor analyzed 500,000 digital certificates to identify common certificate defects that could impact organizational security and determine the scale of the issue. They discovered that 91,239 of the 504,736 certificates, a concerning…

Read more →

Phishing and social engineering attacks are exploding as threat actors increasingly discover that humans are the most exploitable entry point in organizations. Unfortunately, 70% of organizations still report that their employees lack critical cybersecurity knowledge, even when many have a…

Read more →

A global effort led by Fortra, Microsoft’s Digital Crimes Unit (DCU), and the Health Information Sharing and Analysis Center (ISAC) has reduced access to weaponized versions of the powerful hacking tool Cobalt Strike by 80%.  Dramatic Reduction in Dwell Time …

Read more →

Did you know that your smart washing machine could be hacked, leading to the theft of your data?  It’s surprising, but this viral story on Twitter will make you rethink smart technology. Smart washing machines are known to consume no…

Read more →

Since 2020, the push for consolidating cybersecurity solutions has gained significant momentum. In 2021, Gartner highlighted vendor consolidation as one of the top security and risk trends. Their article, The Top 8 Security and Risk Trends We’re Watching, revealed that 75%…

Read more →

Following the conclusion of some of their matches this season, as with any other season, the sentiment among Leeds United football supporters that they have “been robbed” can be heard reverberating around the ground, on the terraces, and in the…

Read more →

Broadcom has issued a security alert warning VMware customers about three zero-day vulnerabilities attackers are actively exploiting in the wild. The flaws – CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 – impact VMware ESX products, including VMware ESXi, vSphere, Workstation, Fusion, Cloud Foundation,…

Read more →