Category: Privacy/Governance Feed

PeckBirdy command-and-control framework targeting gambling, government sectors in Asia since 2023 has been linked to China-aligned APTs – Read More  –  

Bugcrowd study reveals 82% of security researchers now use AI, a big increase from 2023 figures – Read More  –  

Microsoft urged customers running Microsoft Office 2016 and 2019 to apply the patch to be protected – Read More  –  

Nike is investigating after the World Leaks ransomware group posted a 1.4TB data dump – Read More  –  

With increasing volume of data and regulatory controls that are only tightening, regulated industries have a hard paradox to… The post How Regulated Industries Use Privacy-Enhancing Technologies (PETs) appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Supply chain breach in eScan antivirus distributes multi-stage malware via legitimate updates – Read More  –  

CISA released initial list of PQC-capable hardware and software to guide companies amid quantum threats – Read More  –  

Fortra researchers have discovered a new SEO poisoning operation known as “HaxorSEO” – Read More  –  

The US law firm Hagens Berman will lead a class action lawsuit against Coupang over security failures that led to a June 2025 data breach – Read More  –  

Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials – Read More  –  

A destructive cyber attack targeting Poland’s energy sector has been linked to Russian APT group Sandworm – Read More  –  

Open letter by NHS technology leaders outlines plans to identify risks to software supply chain security across health and social are system – Read More  –  

Under Armour said there is no evidence at this point to suggest the incident affected systems used to process payments or store customer passwords – Read More  –  

Critical vulnerability in Appsmith allows account takeover via flawed password reset process – Read More  –  

Security flaw in RealHomes CRM plugin allowed file uploads; patches released for 30,000+ sites – Read More  –  

Phoney email alerts suggest users need to backup their LastPass accounts within 24 hours. LastPass says it would never require this action from users – Read More  –  

VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025 – Read More  –  

UK Executives Warn They May Not Survive a Major Cyber-Attack, Vodafone Survey Finds – Read More  –  

DLA Piper finds 22% increase in breached firms notifying European GDPR regulators – Read More  –  

As enterprises continue their rapid shift toward digital-first operations, data protection has evolved from a technical safeguard into a… The post Tokenization vs Encryption: How to Choose appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

PwC’s 29th Global CEO Survey shows cyber risk rising to the top of CEO concerns as confidence in short term business growth weakens – Read More  –  

Cyber risks for the Milano-Cortina 2026 Winter Games include phishing and spoofed websites as key threat vectors – Read More  –  

Loan phishing operation in Peru is stealing card info by impersonating financial institutions – Read More  –  

Sophisticated malware previously thought to be the work of a well-resourced cyber-crime group was built by one person – with the aid of AI tools – Read More  –  

The EU’s Cybersecurity Act 2.0 will aim to address some of the challenges of the current CSA, including the slow rollout of certification schemes – Read More  –  

A new service, the Global Cybersecurity Vulnerability Enumeration (GCVE), offers an alternative to the US-led CVE – Read More  –  

City of London Police has launched the UK’s national Report Fraud service – Read More  –  

2 security vulnerabilities in the Chainlit framework expose risks from web flaws in AI applications – Read More  –  

Three vulnerabilities in Anthropic’s Git server for the MCP can be exploited via prompt injection – Read More  –  

Cybersecurity Researchers at ReliaQuest warn of an ongoing campaign delivered to “high-value individuals” via LinkedIn messages – Read More  –  

Weaponized AI is fueling a new wave of cybercrime, said Group-IB in its latest report – Read More  –  

A notorious marketplace for fraud, Tudou Guarantee, appears to have closed its public Telegram groups – Read More  –  

Gartner predicts 50% of organizations will adopt zero trust data governance by 2028 – Read More  –  

The digital trust is not a theoretical notion anymore, it is the currency of the contemporary economy. All online transactions, identity checks, signature… The post Why HSMs Are Foundational to Digital Trust  appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

New malware PDFSIDER enables covert, long-term access to compromised systems via advanced techniques – Read More  –  

UK NCSC warned of disruptive cyber attacks by Russian hacktivists targeting critical infrastructure – Read More  –  

Users of widely used HR and ERP platforms targeted with malicious extensions which were available in the Chrome Web Store – Read More  –  

Oleg Evgenievich Nefedov, allegedly one of the founders of Black Basta, was also placed on Europol’s and Interpol’s Most Wanted lists – Read More  –  

UK firms face confluence of cyber-related risks in 2026, says Nardello & Co – Read More  –  

CyberArk says it exploited a vulnerability in the StealC infostealer to gather intelligence – Read More  –  

India’s digital economy is expanding at an unprecedented pace, with AI-driven personalization, digital payments, cloud-native services, and data-driven citizen… The post Data Fiduciary vs. Significant Data Fiduciary: What Changes in 2026 appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

TamperedChef creates backdoors and steals user credentials – particularly in organizations reliant on technical equipment – Read More  –  

An eSentire report showed credential theft accounted for 74% of all observed cyber threats in 2025 – Read More  –  

Check Point Research has reported a surge in attacks on a vulnerability in HPE OneView, driven by the Linux-based RondoDox botnet – Read More  –  

While ‘traditional’ ransomware attacks remain stable, some gangs are shifting towards exploiting zero-days and supply chains to go straight to stealing data – Read More  –  

CISA, NCSC and the FBI have released a new security guide to enhance protection for OT environments – Read More  –  

Hacktivists and cybercriminals have intensified their efforts to exploit vulnerabilities in industrial systems, according to a Cyble report – Read More  –  

A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack – Read More  –  

IANS Research reveals a growth in executive-level CISO titles, amid resource challenges – Read More  –  

ISACA’s State of Privacy 2026 report reveals that data privacy teams remain understaffed and underfunded, despite growing regulatory demands and rising technical privacy challenges – Read More  –