The inaugural International AI Safety Report provides comprehensive insight into general-purpose AI’s current state, future potential, and associated risks. General-purpose AI refers to AI models or systems that can perform a wide variety of tasks, as opposed to specialized…
Tag: Information Security Buzz
Windows CE and ICS Security: A Ticking Time Bomb?
Windows CE, a decades-old operating system originally designed for embedded systems, remains a crucial component of industrial control systems (ICS) and supervisory control and data acquisition (SCADA) environments. However, despite its widespread use in human-machine interfaces (HMI), kiosks, and even…
Misconfigured Access Systems Expose Hundreds of Thousands of Employees and Organizations
Vast numbers of misconfigured Access Management Systems (AMS) across the globe are exposed to the public Internet, researchers from Internet Index Search Solution provider Modat have revealed. The vulnerabilities, which span a wide range of industries—including critical sectors like construction,…
‘Auto-Color’ Linux Malware Uses Advanced Stealth Tactics to Evade Detection
Researchers at Palo Alto Networks have identified a new Linux malware strain dubbed Auto-Color, which uses cunning, advanced stealth techniques to slip through the security nets and maintain persistence on compromised systems. The malware, first detected in early November last…
Expert Feature: Securing Passwords and Endpoints in the Age of AI
At a time when artificial intelligence (AI) is reshaping cybersecurity, conventional approaches to passwords and endpoint management are increasingly vulnerable. AI-powered threats are rapidly evolving, leveraging automation and deep learning to crack passwords, slip past authentication measures, and exploit weaknesses…
Trump’s Reckless NIST Purge Puts US Semiconductors, AI Safety at Risk
The Trump administration is set to significantly weaken the CHIPS Act by terminating hundreds of employees at the National Institute of Standards and Technology (NIST), the agency responsible for administering the semiconductor incentive program. President Biden signed the bipartisan CHIPS…
Ghostwriter Campaign Targets Ukrainian Government and Belarusian Opposition
Cybersecurity researchers at SentinelLABS have uncovered a new campaign linked to the long-running Ghostwriter operation, targeting Belarusian opposition activists and Ukrainian military and government entities. The campaign, which entered its active phase in late 2024, is ongoing, with recent malware…
What’s Superalignment and Why Is It Critical to Address with AI Regulation in the U.S.?
AI has become stronger each year as more industries adopt this technology. Superintelligence is on the horizon, so industry professionals must be one step ahead through superalignment. How could U.S. regulations factor into the equation? Here’s what you should know…
CISA, FBI, and MS-ISAC Warn of Ghost Ransomware Threat
The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has issued a joint Cybersecurity Advisory on Ghost (Cring) ransomware. The advisory, titled #StopRansomware: Ghost…
Massive Botnet Targets MS 365 Accounts with Password Spraying Attacks
A botnet made up of more than 130,000 compromised devices is conducting large-scale password-spraying attacks against M365 accounts, exploiting non-interactive sign-ins with Basic Authentication. This method lets malicious actors bypass modern login protections, evade multi-factor authentication (MFA) enforcement, and remain…
Cisco Confirms Salt Typhoon Exploitation in Telecom Hits
Cisco Talos has been actively tracking reports of extensive intrusion attempts targeting multiple major U.S. telecommunications companies. First identified in late 2024 and subsequently confirmed by the US government, this activity is attributed to a highly advanced threat actor known…
Cybercrooks Exploit URL Manipulation in Sophisticated Phishing Scam
In a newly seen phishing campaign, malicious actors have exploited URL manipulation techniques to obfuscate their malicious links, compromising businesses and individuals worldwide. Check Point researchers identified a whopping 200,000 phishing emails abusing URL information to hide phishing links, with…
Cutting Through the Noise: Smart Deduplication for Stronger Cybersecurity
2025 promises to be a big year in cybersecurity—for all the wrong reasons. While many are familiar with the projection that cybercrime will cost $10.5 trillion, Forrester’s updated report projects the costs will likely be closer to $12 trillion. To…
Cybersecurity Survey Indicates Organizations Favouring Consolidation and Automation
The second annual Fortra State of Cybersecurity Survey is here. It reveals that organizations are ensuring their foundational and fundamental cybersecurity position is robust to combat more sophisticated threats and comply with more stringent regulations. We also see a rise…
Controlling Shadow AI: Protecting Knowledge Management from Cyber Threats
By 2025, the first major breach of a knowledge management generative artificial intelligence (Gen AI) solution chatbot will make global headlines. This will mark a turning point in cybersecurity for all industries. The widespread adoption of Gen AI-based business solutions…
Baby, You Can Hack My Car: Upstream’s 2025 Automotive and Smart Mobility Cybersecurity Report
Cyberattacks in the automotive industry are on the rise. They’re also becoming more impactful. And the gap between the risk landscape and organizational resilience is growing. Automotive cybersecurity is at a critical moment, and the choice is clear: close the…
Inside a LockBit Ransomware Attack: A Firsthand Account of Financial and Security Fallout
Ransomware attacks are no longer a question of “if” but “when” or even “how often”. In this candid interview, Nigel Sampson, a cybersecurity professional, chatted to Joe Pettit, Director at Bora, to share his experience dealing with a LockBit ransomware…
Darktrace Report Highlights the Growing Power of MaaS, Sneaky Evasion Tactics
Cybercrime-as-a-Service (CaaS) is more than just a trend—it’s here to stay. As sophisticated attack tools become widely (and easily) available, even less experienced cybercriminals can now carry out highly disruptive campaigns. In fact, Malware-as-a-Service (MaaS) now makes up 57% of…
The Bourne Insecurity: When Defense Employees Unwittingly Help Attackers
A recent analysis by cybersecurity firm Hudson Rock on its Infostealers site has uncovered alarming vulnerabilities within the US military and its defense contractors due to widespread infostealer malware infections. According to the company, these infections have compromised sensitive…
How to take your firm from risk to resilience in 8 DORA-compliant steps
There are two types of companies, as the saying goes: those that have been hacked and those that don’t know they’ve been hacked. This is especially true in financial services. According to the IMF’s Global Financial Stability Report, nearly one-fifth…