Category: Privacy/Governance Feed

A thousand UK service providers will be expected to comply with the forthcoming Cyber Security and Resilience Bill – Read More  –  

CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282 – Read More  –  

New “ClickFake Interview” campaign attributed to the Lazarus Group targets crypto professionals with fake job offers – Read More  –  

The funding will go to several projects within the Digital Europe Programme (DIGITAL) work program for 2025 to 2027 – Read More  –  

The UK’s National Cyber Security Agency has called on Next.js users to patch CVE-2025-29927 – Read More  –  

The DoJ has managed to recoup over $8m from scammers, stolen in romance baiting schemes – Read More  –  

The Digital Personal Data Protection Act 2023 (DPDP Act) marks a transformative shift in India’s data privacy landscape, setting… The post The Digital Personal Data Protection (DPDP) Act 2023: Key Challenges and Compliance Framework  appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Forescout researchers found multiple vulnerabilities in leading solar power system manufacturers, which could be exploited to cause emergencies and blackouts – Read More  –  

Claroty revealed that 89% of healthcare organizations use the top 1% of riskiest Internet-of-Medical-Things (IoMT) devices – Read More  –  

Expert speakers discussed the impact of reported cutbacks to CISA on the ability of local officials to protect against surging cyber-attacks on US election infrastructure – Read More  –  

A PhaaS platform, dubbed ‘Morphing Meerkat,’ uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel – Read More  –  

Newly identified CoffeeLoader uses multiple evasion techniques and persistence mechanisms to deploy payloads and bypass endpoint security – Read More  –  

PJobRAT malware targets Taiwan Android users, stealing data through fake messaging platforms – Read More  –  

The ICO’s Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties – Read More  –  

Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras – Read More  –  

In an era where data breaches and cyber threats are on the rise, safeguarding sensitive information has become a… The post Vaultless Tokenization and Its Role in PCI DSS Compliance appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

The UK’s National Crime Agency is warning of a growing cyber and physical threat from homegrown teens – Read More  –  

The UK’s National Cyber Security Centre has released new guidance to help domain registrars enhance security – Read More  –  

In its 2025 Global Third-Party Breach Report, SecurityScorecard has found that 35.5% of all cyber breaches in 2024 were third-party related, up from 29% in 2023 – Read More  –  

Threat actors are exploiting cloud platforms like Adobe and Dropbox to evade email gateways and steal credentials – Read More  –  

A newly discovered malware campaign uses malicious npm packages to deploy reverse shells, compromising development environments – Read More  –  

Standards body ETSI has defined a scheme for key encapsulation mechanisms with access control (KEMAC), enabling quantum-secure encryption – Read More  –  

EU security agency ENISA has released a new report outlining the threats and potential mitigations for the space sector – Read More  –  

The UK government’s new fraud minister will today announce plans for a newly expanded fraud strategy – Read More  –  

McAfee researchers have identified a new wave of Android malware campaigns leveraging .NET MAUI to steal sensitive user information through fake apps – Read More  –  

Cybercriminals are increasingly leveraging Atlantis AIO, which automates credential stuffing attacks across more than 140 platforms – Read More  –  

NIST has urged more research and emphasis on developing mitigations for attacks on AI and ML systems – Read More  –  

Sygnia has uncovered Weaver Ant, a Chinese threat actor that spied on telecommunications networks for years – Read More  –  

Kela researchers detect a 200%+ increase in dark web chatter about malicious AI tools – Read More  –  

Wiz Security finds four critical RCE vulnerabilities in the Ingress NGINX Controller for Kubernetes – Read More  –  

VanHelsingRaaS, a new ransomware-as-a-service program, infected three victims within two weeks of release, demanding ransoms of $500,000 – Read More  –  

Ukraine’s national railway company has suffered a “large-scale” cyber-attack, disrupting online services and operations – Read More  –  

Authorities in seven African countries have arrested 306 suspects and seized 1842 devices in Operation Red Card – Read More  –  

Two years after a data breach that compromised almost seven million customers, 23andMe’s CEO has resigned as the company files for bankruptcy – Read More  –  

The UK’s National Crime Agency has launched a new campaign designed to raise awareness of sextortion among teenage boys – Read More  –  

Threat actors are looking to compromise Google accounts to further malvertising and data theft – Read More  –  

India’s Digital Personal Data Protection (DPDP) Act, which came into force in July 2024, marks a significant shift in… The post Achieving Compliance with India’s Digital Personal Data Protection (DPDP) Act appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Trend Micro observed a continuous development of Albabat ransomware, designed to expand attacks and streamline operations – Read More  –  

A security researcher has observed threat actors exploiting vulnerabilities in a driver used by CheckPoint’s ZoneAlarm antivirus to bypass Windows security measures – Read More  –  

Attackers are exploiting user familiarity with CAPTCHAs to distribute the Lumma Stealer RAT via malicious PowerShell commands, according to HP – Read More  –  

The FishMonger APT Group has been linked with I-SOON, targeting governments, NGOs and think tanks in cyber-espionage campaigns – Read More  –  

Rooted devices are 250 times more vulnerable to security incidents, Zimperium warned – Read More  –  

Bridewell has released its annual report on critical infrastructure security leaders’ perceived cybersecurity maturity and threats – Read More  –  

February’s Operation Henhouse resulted in hundreds of arrests and the seizure of £7.5m – Read More  –  

The Pennsylvania State Education Association (PSEA) has sent breach notifications to over 500,000 current and former members – Read More  –  

New NCSC guidance sets out a three-phase migration to post-quantum cryptography, designed to ensure all systems are protected from quantum attacks by 2035 – Read More  –  

In today’s digital landscape, data privacy is no longer optional—it is an essential pillar of trust and compliance. The… The post Data Masking in the Age of AI: Balancing Innovation and Privacy  appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Newly discovered vulnerability ZDI-CAN-25373 takes advantage of Windows shortcuts has been exploited by 11 state-sponsored groups since 2017 – Read More  –  

A surge in browser-based phishing attacks has been recorded over the past year, with a 140% increase compared to 2023 according to Menlo Security – Read More  –  

World-renowned physicist, Professor Brian Cox, will headline day one of Infosecurity Europe, analyzing the science behind quantum computing and the challenges it brings – Read More  –