Category: Privacy/Governance Feed

Four Europeans were arrested in Phuket, believed to be members of the Phobos ransomware group – Read More  –  

Apple has patched a zero-day vulnerability being exploited in targeted attacks – Read More  –  

Kela researchers explain that infostealers are to blame for compromised OpenAI logins – Read More  –  

Trend Micro uncovers BadIIS malware exploiting IIS servers for SEO fraud and malicious redirects – Read More  –  

A US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies – Read More  –  

Memorial Hospital and Manor, located in Bainbridge, Georgia, has alerted 120,000 individuals that their data was breached following a ransomware attack last November – Read More  –  

The UK MoD has announced it is fast-tracking the recruitment of specialist cybersecurity roles, with recruits offered a starting salary of above £40,000 – Read More  –  

Security and privacy experts have questioned a new demand from the UK Home Office on Apple’s encrypted iCloud service – Read More  –  

Europol has urged the financial sector to prioritize quantum-safe cryptography – Read More  –  

The General Data Protection Regulation (GDPR) stands as a gold standard for data protection laws globally, setting stringent benchmarks… The post Digital Personal Data Protection Act 2023 vs. GDPR: Key Similarities and Differences  appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

27 UK public sector organizations faced ICO enforcement actions in 2024, with three fines issued, according to URM Consulting – Read More  –  

The technique, called nullifAI, allows the models to bypass Hugging Face’s protective measures against malicious AI models – Read More  –  

Orange Cyberdefense found that over half of UK financial firms suffered at least one third-party attack in 2024, linked to significant gaps in risk management strategies – Read More  –  

Sophos has observed cybercriminals ramping up their use of graphics files as part of email phishing attacks to bypass conventional security protections – Read More  –  

US and Europol dismantle neo-Nazi child abuse network in global crackdown against online exploitation – Read More  –  

Patchstack urges admins to patch new WordPress ASE plugin vulnerability that lets users restore previous admin privileges – Read More  –  

This new independent non-profit was set up by the UK insurance industry to bring more transparency around cyber events – Read More  –  

A Bitdefender researcher was targeted by North Korea’s Lazarus with the lure of a fake job offer – Read More  –  

The UK’s National Cyber Security Centre has published a new set of resources for startups and researchers – Read More  –  

Spain’s National Police force has arrested a suspected data thief who targeted government and military victims – Read More  –  

A new phishing attack by UAC-0006 has been discovered targeting PrivatBank with malicious files in password-protected archives to evade detection – Read More  –  

Chainalysis found that ransomware payments fell significantly year-over-year despite a recorded increase in the number of ransomware events in 2024 – Read More  –  

Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing – Read More  –  

The UK and its Five Eyes partners have launched new security guidance for edge device manufacturers and network defenders – Read More  –  

Check Point has observed cybercriminals toy with Alibaba’s Qwen LLM to develop infostealers – Read More  –  

Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks – Read More  –  

In an increasingly data-driven world, organizations collect, process, and store vast amounts of personal data, raising significant concerns about… The post The Role of a Data Protection Officer: Virtual DPO vs. On-Site DPO appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

DaggerFly’s Lunar Peek campaign is using a new malware strain, identified by FortiGuard Labs, to compromise Linux networks – Read More  –  

Picus Security reports infostealer surge after revealing credentials appear in 29% of malware – Read More  –  

A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations – Read More  –  

Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets – Read More  –  

Jscambler claims at least 17 sites have been infected with web skimmers, including Casio’s – Read More  –  

CISA has identified a backdoor in Contec CMS8000 devices that could allow unauthorized access to patient data and disrupt monitoring functions – Read More  –  

Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes – Read More  –  

VulnCheck observed 768 public reports of CVEs exploited in the wild for the first time in 2024, a 20% rise compared to 2023 – Read More  –  

A new Europol report warns of major challenges accessing and analyzing data for cybercrime investigations – Read More  –  

The UK government has launched a new AI security code of practice it believes will become an ETSI standard – Read More  –  

Cisco Talos found that exploitation of public-facing applications made up 40% of incidents it observed in Q4 2024, marking a notable shift in initial access techniques – Read More  –  

The Indian tech giant temporarily suspended some of its IT services, which have now been restored – Read More  –  

Cyber reports exposed major security flaws in DeepSeek’s R1 LLM – Read More  –  

A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services – Read More  –  

Google Play blocked 2.36 million policy-violating apps and banned 158,000 harmful developer accounts in 2024 – Read More  –  

HTTP client tools used to compromise Microsoft 365 environments with 78% of tenants targeted in 2024 – Read More  –  

SquareX researchers warn that browser syncjacking could lead to full browser and device hijacking – Read More  –  

Researchers at Wiz uncovered a publicly accessible database belonging to Chinese GenAI provider DeepSeek that leaked sensitive data, including chat history – Read More  –  

New York Blood Center Enterprises revealed that it has been hit by a ransomware attack, disrupting activities and blood drives at its centers across the country – Read More  –  

UK organizations are significantly increasing cybersecurity budgets, with a projected 31% growth in the next year – Read More  –  

The UK’s National Cyber Security Centre has released a new paper making it easier to assess if a flaw is “unforgivable” – Read More  –  

AI-related API vulnerabilities surged 1,205% in 2024, with 99% tied to API flaws, according to a new report by Wallarm – Read More  –