Category: Privacy/Governance Feed

Microsoft has blocked fraud worth $4bn as threat actors ramp up AI use – Read More  –  

MITRE will be able to keep running the CVE program for at least the next 11 months – Read More  –  

Sophos found that compromise of network edge devices, such as VPN appliances, accounted for 30% of incidents impacted SMBs in 2024 – Read More  –  

A UK Law firm has been fined £60,000 after data stolen during a 2022 cyber-attack was published on the dark web – Read More  –  

Hertz has confirmed a data breach exposing customer data after a zero-day attack targeting file transfer software from Cleo Communications – Read More  –  

NVISO discovered new variants of the BRICKSTORM backdoor, initially designed for Linux, on Windows systems – Read More  –  

Study reveals 92% of mobile apps use insecure cryptographic methods, exposing millions to data risks – Read More  –  

DataDome warns that DYI bots are snapping up driving test places en masse – Read More  –  

Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database – Read More  –  

Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database – Read More  –  

Posing as potential employers, Slow Pisces hackers conceal malware in coding challenges sent to cryptocurrency developers on LinkedIn – Read More  –  

Regulatory compliance and data protection were the biggest cybersecurity challenges cited by UK financial organizations, according to a Bridewell survey – Read More  –  

Thales report reveals bots now account for 51% of all web traffic, surpassing human activity – Read More  –  

Pentesting firm Cobalt has found that organizations fix less than half of exploited vulnerabilities, with just 21% of generative AI flaws addressed – Read More  –  

A UK man has been sentenced to over eight years for masterminding £100m phishing platform LabHost – Read More  –  

Flaw in SureTriggers plugin allows unauthenticated users to create admin accounts on WordPress sites – Read More  –  

Through the SYS Initiative, Prodaft is offering a secure, anonymous channel for individuals to share information about ongoing cybercrime activities – Read More  –  

ResolverRAT targets healthcare organizations using advanced evasion techniques and social engineering – Read More  –  

The US government has implemented a program that applies export controls on data transactions to certain countries of concern, including China and Russia – Read More  –  

CA/Browser Forum members have voted in favor of shortening TLS/SSL certificate lifespans to 47 days – Read More  –  

Experts have warned that threat actors could hijack AI hallucinations in “slopsquatting” attacks – Read More  –  

The NVD program manager has announced undergoing process improvements to catch up with its growing vulnerability backlog – Read More  –  

Experts at the Google Cloud Next event set out how security teams need to adapt their focuses in the wake of trends such as rising cyber-attacks and advances in AI – Read More  –  

Rockwell Automation, Hitachi Energy and Inaba Denki Sangyo have products affected by critical vulnerabilities carrying severity ratings as high as 9.9 – Read More  –  

Google Cloud’s Sandra Joyce said that Chinese state actors’ advanced techniques and ability to stay undetected pose huge challenges – Read More  –  

Google Cloud announced a number of security products designed to reduce complexity for security leaders – Read More  –  

The Cyber Security Breaches Survey 2025 has been released by the UK Home Office and DSIT today, reporting a slight decline in incidents compared to 2024 report – Read More  –  

A new Android malware campaign uses fake Google Play pages to distribute the SpyNote Trojan – Read More  –  

A new AI-powered framework dubbed “AkiraBot” has successfully spammed 80,000 websites since September 2024 – Read More  –  

Police have made more arrests in the ongoing Operation Endgame, cracking down on malware customers – Read More  –  

WK Kellogg breach exposed employee data after attackers exploited flaws in Cleo software – Read More  –  

New phishing method targets high-value accounts using real-time email validation – Read More  –  

While ransomware attack claims are at an all-time high, financial losses from actual attacks may be reducing – Read More  –  

73% of respondents in an Armis survey said they worried about nation-state actors using AI for cyber-attacks – Read More  –  

Microsoft has issued security updates to fix 130+ vulnerabilities this month, including one zero-day – Read More  –  

The UK and allies have warned of new mobile spyware targeting Uyghur, Tibetan and Taiwanese communities – Read More  –  

As cyberattacks become more sophisticated, businesses must leverage advanced technologies to stay ahead of bad actors. Enter Artificial Intelligence… The post AI in Cybersecurity: Balancing Innovation with Governance appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Google’s latest Android update fixes 62 flaws, including two zero-days previously used in limited targeted attacks – Read More  –  

NIST marks CVEs pre-2018 as “Deferred” in the NVD as agency focus shifts to managing emerging threats – Read More  –  

With the increasing digitalization of personal data and the rise of stringent data privacy regulations worldwide, organizations are under… The post Unlocking DPDP Act Compliance: Essential Tools You Need to Know appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Armis survey reveals that the growing threat of nation-state cyber-attacks is disrupting digital transformation – Read More  –  

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog – Read More  –  

The British government has launched a new code of practice designed to boost corporate cyber governance – Read More  –  

Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor – Read More  –  

A rise in smishing campaigns impersonating toll service providers has been linked to China’s Smishing Triad – Read More  –  

Xanthorox AI, a self-contained system for offensive cyber operations, has emerged on darknet forums – Read More  –  

Vodafone Business has urged the UK government to implement policy changes, including improvements to the Cyber Essentials scheme and tax incentives for cybersecurity – Read More  –  

Osney Capital’s new fund is the first to focus exclusively on early-stage UK cybersecurity – Read More  –  

Cyber-attacks on Australian superannuation funds leave some savers out of pocket – Read More  –  

A joint cybersecurity advisory warns organizations globally about the defense gap in detecting and blocking fast flux techniques, which are exploited for malicious activities – Read More  –