Category: Privacy/Governance Feed

ENISA has officially launched the European Vulnerability Database as required by the NIS2 directive – Read More  –  

M&S Chief Executive, Stuart Machin, said that the firm has written to customers to inform them that some personal information was accessed by threat actors – Read More  –  

The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security – Read More  –  

Hacktivist claims on Indian infrastructure raised alarms, but investigations showed minimal damage – Read More  –  

The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet – Read More  –  

During Infosecurity Europe 2025 experts will explore how to strengthen organizational resilience against persistent third-party risks – Read More  –  

She@Cyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry – Read More  –  

A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022 – Read More  –  

Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market – Read More  –  

Germany’s BKA has seized the infrastructure behind the crypto swapping service eXch – Read More  –  

The tech giant plans to leverage its Gemini Nano LLM on-device to enhance scam detection on Chrome – Read More  –  

The UNIDR Intrusion Path is designed to provide a simplified view of cyber-threats and security across the network perimeter – Read More  –  

The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services – Read More  –  

PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted – Read More  –  

Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action – Read More  –  

New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks – Read More  –  

The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions – Read More  –  

DigiCert survey finds only 5% of global businesses are using post-quantum cryptography – Read More  –  

The UK government is set to prioritize increasing the number of UK organizations who are Cyber Essentials certified over the coming year – Read More  –  

The UK government unveiled two new assessment schemes to boost confidence in the security of products and services during CYBERUK – Read More  –  

Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch – Read More  –  

Organizations can start defending against deepfakes now, before efficient detectors are available – Read More  –  

Security researchers at Aon have discovered a threat actor who bypassed SentinelOne EDR protection to deploy Babuk ransomware – Read More  –  

Inferno Drainer returns, stealing millions from crypto wallets through phishing on Discord – Read More  –  

NCSC CEO Richard Horne said the cyber agency has managed twice as many nationally significant cyber incidents in the period from September 2024 to May 2025 – Read More  –  

A prolific DDoS-for-hire network has been dismantled by Polish authorities as part of a coordinated international crackdown – Read More  –  

The UK government has announced that it will be replace its current SMS verification system with passkeys by the end of 2025 – Read More  –  

The Israeli spyware maker must pay $444,719 in compensatory damages to Meta and $167.25m in punitive damages – Read More  –  

UK government minister Pat McFadden said during CYBERUK that the incidents affecting M&S, Co-op and Harrods show that cybersecurity is a necessity – Read More  –  

Marsh says ransomware drove cyber insurance claims to second highest on record in 2024 – Read More  –  

Half of UK firms have over 10 cyber positions unfilled, according to Cisco – Read More  –  

The Alvin Independent School District in Texas has notified over 47,000 individuals affected by a data breach exposing sensitive personal information – Read More  –  

Global smishing campaigns linked to Chinese cybercriminals escalate with Smishing Triad’s new tools and techniques – Read More  –  

Individuals allegedly linked to the DragonForce cybercriminal syndicate have claimed the attack on the three UK retailers – Read More  –  

Prolific PhaaS operation Darcula uses Magic Cat software to steal over 800,000 cards in a seven-month period – Read More  –  

The National Cyber Security Centre has published advice for retailers while the Co-op admits customer data was stolen – Read More  –  

Ireland’s data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European users’ data to China – Read More  –  

Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang “going dark” – Read More  –  

The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities – Read More  –  

NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory” – Read More  –  

FIDO Alliance found an uptick in awareness and takeup of passkeys as an alternative method to passwords – Read More  –  

UK retailers including Harrods, M&S, and the Co-op are under a surge of cyber-attacks that may be linked by a common supplier or shared technological vulnerability – Read More  –  

Anthropic has found its Claude chatbot is being used for automated political messaging, enabling AI-driven influence campaigns – Read More  –  

Concerned about the fate of sensitive genetic information, the ICO and OPC have demanded that 23andMe prioritize customer data protection throughout its bankruptcy process – Read More  –  

A large-scale phishing campaign using DarkWatchman and Sheriff malware has been observed targeting companies in Russia and Ukraine – Read More  –  

Bitdefender highlighted the growing use of subscription scams, in which victims are lured by adverts into recurring payments for fake products – Read More  –  

Alongside its new Meta AI app, Facebook’s parent company launched several new products to help secure open-source AI applications – Read More  –  

The ICO has decided not to fine the British Library for a 2023 ransomware breach – Read More  –  

The FBI has released details of 42,000 phishing domains associated with the LabHost operation, in order to help the security community – Read More  –  

The impact of the advancement in quantum computing on cybersecurity will be a key focus at this year’s Infosecurity Europe event – Read More  –