Category: Privacy/Governance Feed

Google highlighted significant abuse of its Gemini LLM tool by nation state actors to support malicious activities, including research and malware development – Read More  –  

Cato Networks highlighted how the recently emerged HellCat ransomware group is using novel psychological tactics to court attention and pressurize victims – Read More  –  

Cybercriminals exploit government websites using open redirects and phishing tactics, bypassing secure email gateway protections – Read More  –  

Government agencies and privacy watchdogs have started investigating the Chinese AI chatbot provider over data privacy concerns – Read More  –  

ReliaQuest warns threat actor innovation and infostealer activity helped to accelerate breakout time by 22% in 2024 – Read More  –  

The National Audit Office warns of major gaps in cyber resilience across UK government departments – Read More  –  

Energy contractor ENGlobal reported that sensitive personal data was stolen by threat actors, with the incident disrupting operations for six weeks – Read More  –  

Group-IB researchers have exposed the highly organized affiliate platform and sophisticated operations of the Lynx Ransomware-as-a-Service group – Read More  –  

A Ponemon Institute survey highlighted the growing impact of ransomware attacks on victims’ revenue and reputation – Read More  –  

An API supply-chain attack affecting a popular online travel booking service put millions of airline users at risk – Read More  –  

The number of data breach victims increased 312% annually to exceed 1.7 billion in 2024, according to the ITRC 2024 Annual Data Breach Report – Read More  –  

The three Russian hackers are believed to be part of Unit 29155 of the GRU, also known as Cadet Blizzard, Ember Bear and Ruinous Ursa – Read More  –  

Three men have been sentenced after pleading guilty to running an account hijacking service for fraudsters – Read More  –  

In an increasingly data-driven world, ensuring the protection of personal information has never been more crucial. With rising concerns… The post Why You Should Hire a Virtual Data Protection Officer (vDPO) Now? appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

A new phishing tactic has been identified by Cisco Talos, using hidden text salting to evade email security measures – Read More  –  

Obsidian found that threat actors are focusing on SaaS applications to steal sensitive data, with most organizations’ security measures not set up to deal with these attacks – Read More  –  

A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials – Read More  –  

74% of CISOs plan to increase their cyber crisis simulation budgets in 2025 – Read More  –  

A now-patched vulnerability could have enabled threat actors to remotely control Subaru cars – Read More  –  

Change Healthcare has claimed 190 million customers were affected by a mega-breach last year – Read More  –  

Amazon Web Services has launched its Cyber Education Grant Program in the UK – Read More  –  

Crazy Evil, a group of crypto scammers, exploit NFTs and cryptocurrencies with malware targeting influencers and tech professionals – Read More  –  

A new FBI advisory warned that North Korean IT worker schemes have escalated their activities in recent months to include data extortion – Read More  –  

SentinelOne researchers highlighted similarities in the approaches used by the HellCat and Morpheus ransomware groups, suggesting shared infrastructure – Read More  –  

Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment – Read More  –  

Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams – Read More  –  

Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ – Read More  –  

The network equipment giant urged customers to patch immediately – Read More  –  

Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities, according to Abnormal Security – Read More  –  

President Trump has pardoned the founder of original dark web marketplace Silk Road – Read More  –  

Threat researchers analyzed the updated Tycoon 2FA phishing kit, which bypasses MFA – Read More  –  

PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign – Read More  –  

New ESET research reveals that 73% of UK educational institutions experienced at least one cyber-attack or breach in the past five years – Read More  –  

NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded – Read More  –  

Cyble has found thousands of security vendors’ credentials on the dark web, likely pulled from infostealer logs – Read More  –  

Netwrix claims 84% of healthcare organizations detected a cyber-attack in the past year – Read More  –  

Cloudflare warns of a surge in hyper-volumetric DDoS after revealing it stopped a massive 5.6Tbps attack – Read More  –  

Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally – Read More  –  

Security experts have outlined security and privacy concerns around the UK government’s GOV.UK Wallet, which will allow citizens to store all their ID documents in a single place – Read More  –  

A CloudSEK report revealed Zendesk’s platform can be exploited for phishing and investment scams – Read More  –  

Data from DLA Piper showed a 33% year-on-year fall in GDPR fines issued in Europe in 2024, with total penalties reaching €1.2bn – Read More  –  

Critical flaws include those in Oracle Supply Chain products – Read More  –  

Sophos has warned of IT impersonation vishing attacks designed to remotely deploy ransomware – Read More  –  

ISACA research claims privacy budgets are set to decline further in 2025 – Read More  –  

In today’s interconnected digital world, where data drives decision-making and innovation, safeguarding personal information has become an absolute necessity…. The post DPDP Act 2023: Key Updates and What’s New in 2025 for Data Protection appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

HPE is investigating claims of data breach by hacker IntelBroker, who offered stolen files for sale – Read More  –  

Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering – Read More  –  

The December 2024 cyber-attack on the country’s state registers, was attributed to Russian military intelligence services – Read More  –  

The US has issued sanctions against an individual and a company involved in recent high-profile compromises of government officials by Chinese state-affiliated hackers – Read More  –  

CIA analysts Asif William Rahman has pleaded guilty to sharing classified documents about an Israeli attack – Read More  –