Category: Privacy/Governance Feed

Clearview AI faces a criminal complaint in Austria for allegedly ignoring EU data protection rulings – Read More  –  

The King Addons for Elementor plugin contains two flaws allowing unauthenticated file uploads and privilege escalation – Read More  –  

Cybercriminals are abusing AdaptixC2, a legitimate emulation framework, in ransomware campaigns – Read More  –  

Over a quarter of employees work with AI tools that had not been authorized by their company – Read More  –  

A new dark web analysis reveals more than 300 million records have been breached in 2025 to date – Read More  –  

The former general manager of defense contractor Trenchant has admitted selling zero-days to Russian broker – Read More  –  

The fast development of quantum computing opens unprecedented opportunities and serious threats to the current cybersecurity systems. Although quantum… The post How to Build a Quantum-Resilient Data Protection Strategy appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Google Chrome will enhance security with enforced HTTPS connections from version 154, set for release in October 2026 – Read More  –  

The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads – Read More  –  

A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys – Read More  –  

Atroposia is a newly discovered modular RAT that uses encrypted channels and advanced theft capabilities to target credentials and crypto wallets – Read More  –  

The backbone breaker benchmark (b3) has been launched to enhance the security of LLMs within AI agents – Read More  –  

The British Standards Institution claims business leaders aren’t focused enough on managing AI risk – Read More  –  

A surge in fake investment platforms targeting cryptocurrency and forex markets has been driving a new wave of financial crime in Asia – Read More  –  

A zero-day flaw in Chrome has been exploited by Mem3nt0 mori in Operation ForumTroll as part of a targeted espionage campaign – Read More  –  

Cyber-related economic sanctions can alter adversary behavior, forcing underground networks to distance themselves from named actors – Read More  –  

ITRC report charts shocking rise of identity fraud victims driven to thoughts of self-harm – Read More  –  

Sysadmins are urged to patch WSUS vulnerability CVE-2025-59287 as soon as possible, with federal agencies required to update by November 14 – Read More  –  

Qilin ransomware activity has surged in late 2025, threatening data leaks via double extortion tactics – Read More  –  

Europol called for action against caller ID spoofing, linking attacks to significant online fraud – Read More  –  

The IT outsourcing giant said its service desk contract with Marks & Spencer was terminated long before the hack – Read More  –  

UK Finance reveals a 3% increase in the value and 17% increase in the volume of fraud in H1 2025 – Read More  –  

Wordfence says threat actors are trying to exploit three critical vulnerabilities from 2024 – Read More  –  

The Digital Personal Data Protection (DPDP) Act 2023 of India is a turning point in the international standards of… The post CryptoBind’s quantum ready approach to DPDP compliance appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Check Point has identified a dozen attacks in September that bore the LockBit stamp, with half of them attributed to the group’s new ransomware version – Read More  –  

A spear phishing campaign dubbed PhantomCaptcha targeted Ukraine’s war relief efforts and regional government administrations for a single day in October – Read More  –  

ToolShell exploit activity surged last quarter, appearing in over 60% of Cisco Talos IR cases and driving a sharp rise in public-facing application attacks – Read More  –  

A cyber-espionage campaign by Pakistan’s TransparentTribe has been identified, targeting Indian government systems using DeskRAT – Read More  –  

Cyber-attacks by North Korea’s Lazarus Group target European defense firms in drone development – Read More  –  

Forescout researchers discovered critical and high-severity vulnerabilities in several TP-Link VPN routers – Read More  –  

Trend Micro believe security teams should anticipate increased Vidar 2.0 prevalence in campaigns through Q4 2025 – Read More  –  

The digital age has changed the way business is done and data has become the core of business development…. The post DPDP Act in Action: Real-life Cases & Lessons for CISOs appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Group-IB has uncovered a phishing campaign by Iran-linked MuddyWater, exploiting compromised emails for foreign intelligence – Read More  –  

SentinelLABS Researchers have uncovered a new phishing campaign, PhantomCaptcha, targeting aid organizations supporting Ukraine – Read More  –  

The Cyber Monitoring Centre has classified the cyber-attack against Jaguar Land Rover as a “systemic cyber event” – Read More  –  

Scattered Lapsus$ Hunters may be preparing to launch an extortion-as-a-service model, according to Palo Alto Networks – Read More  –  

Group-IB has uncovered a scam operation impersonating Singapore officials using Google Ads and deepfakes – Read More  –  

According to ExtraHop’s latest threat landscape report, average ransomware payments surged 44% to $3.6m in 2025 despite fewer incidents – Read More  –  

A critical out-of-bounds write flaw (CVE-2025-9242) in WatchGuard Fireware OS could allow remote code execution – Read More  –  

The Coldriver hacking group reportedly shifted its operation quickly after the May 2025 public disclosure of its LostKeys malware – Read More  –  

Lumma Stealer operators allegedly exposed in underground doxxing campaign, with sensitive details leaked by rival cybercriminals, according to Trend Micro – Read More  –  

The Dutch Data Protection Authority issued Experian a €2.7m for GDPR violations including excessive collection of personal data – Read More  –  

Only one in ten IT and cybersecurity professionals feels “very prepared” to manage generative AI risks – Read More  –  

A cyber intrusion by China-linked group Salt Typhoon has been observed targeting global infrastructure via DLL sideloading – Read More  –  

Several suspects have been arrested over links with a network running a “sophisticated” cybercrime-enabling service – Read More  –  

Microsoft has revoked over 200 fraudulent code-signing certificates used in a ransomware campaign involving fake Teams installers by threat group Vanilla Tempest – Read More  –  

Dutch prosecutors suspect three teens of aiding a foreign power, with one allegedly linked to a Russian-affiliated hacker group – Read More  –  

Google reveals North Korean hackers are using EtherHiding, a blockchain-based technique, to deliver malware and steal cryptocurrency – Read More  –  

The US lending platform said early investigations found no evidence of unauthorized account access or fund theft – Read More  –  

At ISACA Europe 2025, cybersecurity consultant Tony Gee shared some technical measures security teams could implement to fight against the infostealer scourge – Read More  –