Category: Privacy/Governance Feed

TamperedChef creates backdoors and steals user credentials – particularly in organizations reliant on technical equipment – Read More  –  

An eSentire report showed credential theft accounted for 74% of all observed cyber threats in 2025 – Read More  –  

Check Point Research has reported a surge in attacks on a vulnerability in HPE OneView, driven by the Linux-based RondoDox botnet – Read More  –  

While ‘traditional’ ransomware attacks remain stable, some gangs are shifting towards exploiting zero-days and supply chains to go straight to stealing data – Read More  –  

CISA, NCSC and the FBI have released a new security guide to enhance protection for OT environments – Read More  –  

Hacktivists and cybercriminals have intensified their efforts to exploit vulnerabilities in industrial systems, according to a Cyble report – Read More  –  

A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack – Read More  –  

IANS Research reveals a growth in executive-level CISO titles, amid resource challenges – Read More  –  

ISACA’s State of Privacy 2026 report reveals that data privacy teams remain understaffed and underfunded, despite growing regulatory demands and rising technical privacy challenges – Read More  –  

DDoS-ers are striking a website linked to a data breach at the Department of Homeland Security – Read More  –  

In modern enterprises, data is not a fixed resource that can be assigned to a particular system or department…. The post Understanding the enterprise data lifecycle appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

RedVDS cyber-crime-as-a-service platform powering phishing, BEC attacks and other fraud has cost victims millions – Read More  –  

Phishing attacks have been identified using fake PayPal alerts to exploit remote monitoring and management tools – Read More  –  

A new DeadLock ransomware operation uses Polygon blockchain smart contracts to manage proxy server addresses – Read More  –  

The financial sector should finalize its post-quantum cryptography transition circa 2034, G7 cyber experts said – Read More  –  

Chainalysis estimates $17bn will be lost to crypto scams in 2025 as AI takes hold – Read More  –  

Microsoft has patched three zero-day vulnerabilities in the first patch Tuesday of 2026, including one under active exploitation – Read More  –  

SHADOW#REACTOR is a multi-stage Windows malware campaign that stealthily deploys the Remcos RAT using complex infection techniques – Read More  –  

A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution – Read More  –  

Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments – Read More  –  

Cybersecurity researchers issue warning over a surge in attacks designed to trick Facebook users into handing over login credentials – Read More  –  

Silent Push has discovered a new Magecart campaign targeting six major payment network providers that has been running since 2022 – Read More  –  

Lawmakers want the security industry to help them scrutinize the Cyber Security and Resilience Bill – Read More  –  

Organizations will start and possibly end with regulatory fines when discussing the cost of data breach. Although the fines imposed on the… The post The Real Cost of a Data Breach: Why Data Protection Is Now a Boardroom Priority appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Researchers at Palo Alto’s Unit 42 have outlined a list of recommended security controls for vibe coding tools – Read More  –  

US agency CISA has retired ten Emergency Directives issued between 2019 and 2024, marking a new step in managing federal cyber-risk – Read More  –  

California privacy regulator, the CPPA, is cracking down on data brokers trading personal data without authorization – Read More  –  

“Pervasive” threat of phishing, invoice scams and other cyber-enabled fraud is at “record highs”, warns WEF Cybersecurity Outlook 2026 – Read More  –  

TRM Labs says illegal crypto flows into digital wallets increased to $158bn in 2025 – Read More  –  

A database featuring 300,000+ users of notorious hacking forum BreachForums has been leaked online – Read More  –  

As companies continue with their digital transformation processes, the pressure to maintain constant compliance with data protection is mounting…. The post 2025-2026 Roadmap: Maintaining Continuous Data Protection Compliance appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Europol-backed operation targets group behind numerous BEC attacks and romance scams – Read More  –  

Researchers at the World Economic Forum have shown that threat actors can use commercial deepfake tools to bypass corporate security protections – Read More  –  

Check Point has uncovered a vast, AI-powered scam operation dubbed the “Truman Show” – Read More  –  

The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns – Read More  –  

Researchers at Radware discovered new prompt injection attacks in ChatGPT agentic features – Read More  –  

The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL – Read More  –  

A long-term cyber-espionage campaign targeting South Asia’s telecom firms has been linked to UAT-7290 – Read More  –  

Misconfigurations abused to make phishing emails look like they come from within the organization – Read More  –  

Absolute Security claims that full recovery from endpoint-related downtime can take up to a fortnight for most organizations – Read More  –  

The Trump administration decided to leave 66 international organizations, including the GFCE and the European Centre of Excellence for Countering Hybrid Threats – Read More  –  

A newly discovered vulnerability in authentication platform n8n could allow threat actors to take control of n8n servers – Read More  –  

In many organizations, security looks strong on paper. Policies are documented, audits are passed, and compliance dashboards glow reassuringly… The post Cryptography vs Security Theatre appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Malicious Windows packer named pkr_mtsi used as a flexible malware loader in malvertising campaigns – Read More  –  

New Android malware enables unauthorized tap-to-pay transactions without physical access to bank cards – Read More  –  

Taiwan recorded an average of 2.63 million cyber intrusion attempts to it critical infrastructure per day coming from China in 2025 – Read More  –  

Lack of visibility and governance around employees using generative AI is resulting in rise in data security risks – Read More  –  

Threat actor “Zestix” was able to breach around 50 firms using infostealers because they lacked multi-factor authentication – Read More  –  

A hacking collective claims it has disconnected customers of US ISP Brightspeed – Read More  –