Category: Privacy/Governance Feed

The NVD program manager has announced undergoing process improvements to catch up with its growing vulnerability backlog – Read More  –  

Experts at the Google Cloud Next event set out how security teams need to adapt their focuses in the wake of trends such as rising cyber-attacks and advances in AI – Read More  –  

Rockwell Automation, Hitachi Energy and Inaba Denki Sangyo have products affected by critical vulnerabilities carrying severity ratings as high as 9.9 – Read More  –  

Google Cloud’s Sandra Joyce said that Chinese state actors’ advanced techniques and ability to stay undetected pose huge challenges – Read More  –  

Google Cloud announced a number of security products designed to reduce complexity for security leaders – Read More  –  

The Cyber Security Breaches Survey 2025 has been released by the UK Home Office and DSIT today, reporting a slight decline in incidents compared to 2024 report – Read More  –  

A new Android malware campaign uses fake Google Play pages to distribute the SpyNote Trojan – Read More  –  

A new AI-powered framework dubbed “AkiraBot” has successfully spammed 80,000 websites since September 2024 – Read More  –  

Police have made more arrests in the ongoing Operation Endgame, cracking down on malware customers – Read More  –  

WK Kellogg breach exposed employee data after attackers exploited flaws in Cleo software – Read More  –  

New phishing method targets high-value accounts using real-time email validation – Read More  –  

While ransomware attack claims are at an all-time high, financial losses from actual attacks may be reducing – Read More  –  

73% of respondents in an Armis survey said they worried about nation-state actors using AI for cyber-attacks – Read More  –  

Microsoft has issued security updates to fix 130+ vulnerabilities this month, including one zero-day – Read More  –  

The UK and allies have warned of new mobile spyware targeting Uyghur, Tibetan and Taiwanese communities – Read More  –  

As cyberattacks become more sophisticated, businesses must leverage advanced technologies to stay ahead of bad actors. Enter Artificial Intelligence… The post AI in Cybersecurity: Balancing Innovation with Governance appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Google’s latest Android update fixes 62 flaws, including two zero-days previously used in limited targeted attacks – Read More  –  

NIST marks CVEs pre-2018 as “Deferred” in the NVD as agency focus shifts to managing emerging threats – Read More  –  

With the increasing digitalization of personal data and the rise of stringent data privacy regulations worldwide, organizations are under… The post Unlocking DPDP Act Compliance: Essential Tools You Need to Know appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Armis survey reveals that the growing threat of nation-state cyber-attacks is disrupting digital transformation – Read More  –  

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog – Read More  –  

The British government has launched a new code of practice designed to boost corporate cyber governance – Read More  –  

Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor – Read More  –  

A rise in smishing campaigns impersonating toll service providers has been linked to China’s Smishing Triad – Read More  –  

Xanthorox AI, a self-contained system for offensive cyber operations, has emerged on darknet forums – Read More  –  

Vodafone Business has urged the UK government to implement policy changes, including improvements to the Cyber Essentials scheme and tax incentives for cybersecurity – Read More  –  

Osney Capital’s new fund is the first to focus exclusively on early-stage UK cybersecurity – Read More  –  

Cyber-attacks on Australian superannuation funds leave some savers out of pocket – Read More  –  

A joint cybersecurity advisory warns organizations globally about the defense gap in detecting and blocking fast flux techniques, which are exploited for malicious activities – Read More  –  

The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks – Read More  –  

Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution – Read More  –  

An international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users – Read More  –  

A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process – Read More  –  

Artificial Intelligence (AI) is reshaping the cybersecurity landscape, enabling organizations to detect threats faster, automate responses, and enhance overall… The post AI Governance in Cybersecurity: Balancing Innovation and Risk appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

The cybercriminal uses the service of Proton66, an infamous Russian-based bulletproof hosting provider, to deploy malware – Read More  –  

Highline Public Schools revealed that sensitive personal, financial and medical data was accessed by ransomware attackers during the September 2024 incident – Read More  –  

Semperis claims 62% of water and electricity providers were hit by cyber-attacks in the past year – Read More  –  

BforeAI researchers discover 596 suspicious Bybit-themed domains designed to defraud visitors – Read More  –  

A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious scripts into pages – Read More  –  

A cyber threat actor has claimed to have leaked 144GB of data from Royal Mail users – Read More  –  

Gray bots surge as generative AI scraper activity increases, impacting web applications with millions of requests daily – Read More  –  

Hackers stole $1.67bn of cryptocurrencies in the first quarter of 2025, a 303% increase – Read More  –  

Google has found a significant increase in North Korean actors attempting to gain employment as IT workers in European companies, leading to data theft and extortion – Read More  –  

Gaming community Steam appeared most often in phishing emails and texts detected by Guardio in Q1 2025 – Read More  –  

The UK’s data protection regulator says it is overwhelmed with complaints from the public – Read More  –  

The CERT-UA investigation concluded that the attack’s techniques were “characteristic of Russian intelligence services” – Read More  –  

WP Ultimate CSV Importer flaws expose 20,000 websites to attacks enabling attackers to achieve full site compromise – Read More  –  

A new attack targeting Microsoft Teams users used vishing, remote access tools and DLL sideloading to deploy a JavaScript backdoor – Read More  –  

Google is set to roll out end-to-end encryption for all Gmail users, boosting security, compliance and data sovereignty efforts – Read More  –  

BlueVoyant found that the use of lookalike domains in email-based attacks is allowing actors to extend the types of individuals and organizations being targeted – Read More  –