Category: Privacy/Governance Feed

The World Economic Forum has shared recommendations on how to build on the success of existing partnerships to accelerate the disruption of cybercriminal activities    – Read More  –  

The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files    – Read More  –  

Researchers have uncovered a surge in phishing attacks using Visio .vsdx files to evade security scans    – Read More  –  

This year’s Blue OLEx cyber-attack drill was hosted in Italy and benefited from the new EU-CyCLONe for the first time    – Read More  –  

The UK Regional Organised Crime Unit (ROCU) Network has urged the elderly to be on the lookout for scam texts offering a winter fuel subsidy    – Read More  –  

Swedish-Russian national Roman Sterlingov has been jailed for 12 years and six months for operating notorious cryptocurrency mixer Bitcoin Fog    – Read More  –  

South Korea warned that pro-Russian groups have attacked government and private sector websites following the deployment of North Korean soldiers in Ukraine    – Read More  –  

International energy solution provider Newpark Resources has confirmed it was hit by a ransomware attack that disrupted critical systems    – Read More  –  

SentinelLabs observed the North Korean group BlueNoroff targeting crypto firms via a multi-stage malware campaign which utilizes a novel persistence mechanism    – Read More  –  

Interlock employs both “big-game hunting” and double extortion tactics against its victims    – Read More  –  

Androxgh0st botnet has expanded, integrating Mozi IoT payloads and targeting web server vulnerabilities    – Read More  –  

An ICO audit of AI recruitment tools found numerous data privacy issues that may lead to jobseekers being discriminated against and privacy compromised    – Read More  –  

The UK’s National Cyber Security Centre has released malvertising guidance for brands and their ad partners    – Read More  –  

TikTok Technology Canada, Inc, the subsidiary of Chinese group ByteDance, will have to cease its operations in Canada    – Read More  –  

CIISec report reveals the average wage for UK security professionals is now over £87,000    – Read More  –  

Trend Micro’s Robert McArdle says cybercriminals use of AI is far more limited than many realize, and pales in comparison to defenders’ use of the technology    – Read More  –  

A cyber-attack targeting telematics provider Microlise has disrupted tracking services for key clients like DHL and Serco    – Read More  –  

Organizations remain unprepared to defend against known and predictable attacks like ransomware    – Read More  –  

The Nigerian police have arrested 113 foreign individuals and their 17 Nigerian collaborators for their alleged involvement in high-level cybercrimes    – Read More  –  

Winos4.0 malware, derived from Gh0strat, targets Windows users via game-related applications, enabling remote control of affected systems    – Read More  –  

Google wants to ensure a smooth transition towards required MFA across all Google Cloud accounts with a phased rollout running throughout 2025    – Read More  –  

Interpol claims an international policing operation has shuttered 22,000 IPs connected with cybercrime    – Read More  –  

A man suspected of breaching hundreds of Snowflake accounts has been arrested    – Read More  –  

ToxicPanda malware targets banking apps on Android, spreading through Italy, Portugal and Spain    – Read More  –  

ClickFix exploits fake error messages across multiple platforms, such as Google Meet and Zoom    – Read More  –  

A joint US government advisory warned about increasing foreign influence efforts designed to undermine the legitimacy of the Presidential Election    – Read More  –  

APT36 evolved its remote access trojan, ElizaRAT, along with introducing a new stealer payload called ApoloStealer    – Read More  –  

A Which? report outlines serious privacy concerns with smart device products including air fryers    – Read More  –  

Lloyds Bank has revealed that Oasis fans comprise the vast majority of ticket scam victims it deals with    – Read More  –  

Cybercriminals are exploiting DocuSign APIs to send fake invoices, bypassing security filters and mimicking well-known brands    – Read More  –  

The City of Columbus, Ohio, informed the Maine Attorney General’s Office that approximately 55% of its residents were affected by the breach    – Read More  –  

A US district court sentenced a Nigerian man for an elaborate ‘man-in-the-middle’ phishing campaign, which resulted in $12m in losses from real-estate transactions    – Read More  –  

The flaw, an exploitable stack buffer underflow in SQLite, was found by Google’s Big Sleep team using a large language model (LLM)    – Read More  –  

US government agencies said the video, widely shared on social media, is part of Russia’s broader strategy of undermining the integrity of the Presidential Election    – Read More  –  

Checkmarx has observed a novel npm supply chain attack using Ethereum smart contracts to manage command-and-control (C2) operations    – Read More  –  

Several UK council websites are back online after being disrupted by Russian hacktivist DDoS attacks    – Read More  –  

Sophos provided details of changing tactics by Chinese APT groups over a five-year period, involving a shift towards stealthy, targeted attacks    – Read More  –  

Multiple vulnerabilities in Rockwell Automation and Mitsubishi products could allow ICS cyber-attacks    – Read More  –  

US and Israeli government agencies have warned that the Iranian state-sponsored threat actor Cotton Sandstorm is deploying new tradecraft to expand its operations    – Read More  –  

Emeraldwhale breach allowed access to over 10,000 repositories and resulted in the theft of more than 15,000 cloud service credentials    – Read More  –  

New phishing kit Xiu Gou, featuring a unique “doggo” mascot, targets users in US, UK, Spain, Australia and Japan with 2000+ scam websites    – Read More  –  

A report by the Canadian Centre for Cyber Security described China as the most sophisticated cyber threat to Canada, also identified India as an emerging threat    – Read More  –  

Palo Alto Networks’ Unit 42 has observed the first-ever collaboration between North Korean-backed Jumpy Pisces and Play ransomware    – Read More  –  

Malware-related attacks against global government organizations increased 236% year-on-year in Q1 2024, according to SonicWall    – Read More  –  

ITRC data finds 81% of US small businesses have suffered a data or security breach over the past year    – Read More  –  

The new FakeCall variant uses advanced vishing tactics, featuring Bluetooth for device monitoring    – Read More  –  

The LiteSpeed Cache vulnerability allows administrator-level access, risking security for over 6 million WordPress sites    – Read More  –  

In a major security update, Apple has fixed dozens of bugs and vulnerabilities across its operating systems and services    – Read More  –  

CISA’s 2025-2026 International Strategic Plan aims to strengthen external partnerships to reduce risks to critical infrastructure relied on in the US    – Read More  –  

Comparitech warns that voters could be misled as most local government sites are failing on basic security    – Read More  –