Category: Privacy/Governance Feed

Internet Archive founder confirmed the allegedly exposed data was “safe”    – Read More  –  

Microsoft urges macOS users to apply a fix for the vulnerability, which it believes may be under active exploitation by the Adload malware family    – Read More  –  

The Redmond-based firm was the most impersonated brand in the third quarter of 2024, while Alibaba entered the Top 10 for the first time    – Read More  –  

Instagram has announced new security features to protect users from sextortion scams, including hiding follower lists, preventing screenshots, and launching an awareness campaign    – Read More  –  

US authorities have charged a man for involvement in the SEC X account hack in January 2024, which falsely announced the approval of Bitcoin Exchange Traded Funds    – Read More  –  

Cicada3301 ransomware has targeted critical sectors in US/UK, leaking data from 30 firms in three months    – Read More  –  

US authorities have charged two Sudanese linked to DDoS cybercrime group, Anonymous Sudan, which caused $10m in damages    – Read More  –  

The ongoing campaign targets multiple critical infrastructure sectors, including healthcare, government, information technology, engineering, and energy    – Read More  –  

Secureworks said it had observed a case where a fake North Korean IT contractor exfiltrated proprietary data before issuing a ransom demand to their former employer    – Read More  –  

Netskope claims 66% of malware attacks last year were backed by nation states    – Read More  –  

Symantec data reveals RansomHub claimed more attacks than any other group in Q3 2024    – Read More  –  

CISA is asking for feedback on future guidance outlining bad security practices in product development as part of its Secure by Design initiative    – Read More  –  

NIS2 will be enforced as of October 17, yet many organizations and even EU member states appear completely unprepared for implementation    – Read More  –  

A new Bugcrowd study shows 71% of ethical hackers now see AI boosting hacking value, up from 21% in 2023    – Read More  –  

CISA released the third edition of SBOM guidelines to enhance software component transparency    – Read More  –  

Phishing emails claiming to be from Starbucks are offering recipients a “free Coffee Lovers Box” in an attempt to steal personal or install malware on devices    – Read More  –  

New NCSC CEO Dr Richard Horne warned in a speech that there is a widening gap between escalating threats and society’s ability to defend against them    – Read More  –  

The new set of specifications could enable users to securely move passkeys and all other credentials across providers    – Read More  –  

DigiCert says imminent crypto threat from quantum computing has been over-hyped    – Read More  –  

New government grants for AI safety research are designed to fund work into deepfakes and other cyber risks    – Read More  –  

Cyber threats surge ahead of the 2024 election, including phishing, ransomware and Darknet activity    – Read More  –  

Researchers have discovered a new cyber-attack method called ConfusedPilot that can manipulate AI-generated responses by injecting malicious content into documents referenced by AI systems    – Read More  –  

The service, developed in collaboration with Cloudflare and Accenture, is available for UK schools and most education service providers    – Read More  –  

Most organizations are not prepared for the post-quantum threat, despite the recent publication of NIST’s first three finalized post-quantum encryption standards    – Read More  –  

Microsoft has observed nation states ramping up cooperation with cybercriminals to conduct operations in the past year    – Read More  –  

The sophisticate campaign, ErrorFather, employs keylogging, virtual networks and a domain generation algorithm to target Android users    – Read More  –  

Zscaler has found more than 200 malicious apps on Google Play with over eight million installs    – Read More  –  

Coalition’s new service aims to mitigate the impact of growing UK corporate fraud losses    – Read More  –  

Online scammers are targeting Booking.com and Airbnb users with Telekopye, a Telegram-based toolkit    – Read More  –  

CISA urged organizations to tackle security risks from unencrypted cookies in F5 BIG-IP LTM systems    – Read More  –  

The US DoD has finalized the Cybersecurity Maturity Model Certification (CMMC) Program, which defense contractors must pass to bid for government contracts    – Read More  –  

Personal data of over 2600 employees has been exposed and insider information about the Switch 2 and future Pokémon games leaked    – Read More  –  

Japanese electronics firm Casio has reported a ransomware attack and data breach    – Read More  –  

Sophos claims that a lack of cybersecurity talent is considered a major risk by SMBs    – Read More  –  

NHS England has issued an alert regarding a critical Veeam Backup & Replication vulnerability that is being actively exploited, potentially leading to remote code execution    – Read More  –  

Access Now announced that the US Customs and Border Protection agency released records on its app following the NGO’s lawsuit    – Read More  –  

Russian-backed APT29 has been spying on US and European organizations since at least 2021, a US-UK joint advisory said    – Read More  –  

A new Sonatype report reveals a 156% surge in open source malware, with over 704,102 malicious packages identified since 2019, as OSS adoption continues to skyrocket    – Read More  –  

Operation MiddleFloor targets Moldova’s October elections, spreading EU disinformation via email    – Read More  –  

The data breach exposed more than 10m customer conversations from an AI call center platform in the Middle East    – Read More  –  

The EU’s Cyber Resilience Act requires cybersecurity standards for all connected products throughout their entire lifecycle    – Read More  –  

Marriott will pay $52m to 50 US states for a data breach impacting 131.5 million American customers, and has agreed to implement stronger security practices    – Read More  –  

The non-profit digital library was also hit by at least two DDoS attacks in two days    – Read More  –  

Two former RAC employees have been handed suspended prison sentences for trading in personal data    – Read More  –  

Supply chain victim numbers surge as more than 240 million US residents are impacted by data breaches in Q3 2024    – Read More  –  

The privacy flaw in Apple’s iPhone mirroring feature enables personal apps on an iPhone to be listed in a company’s software inventory when the feature is used on work computers    – Read More  –  

New BeaverTail malware targets tech job seekers via fake recruiters on LinkedIn and X    – Read More  –  

The UK government’s Cyber Team Competition offer applicants the chance to receive advanced training, mentorship and networking opportunities    – Read More  –  

Barracuda researchers have identified a new wave of QR code phishing attacks that evade traditional security measures and pose a significant threat to email security    – Read More  –  

The Australian government’s Cyber Security Bill 2024 will mandate cybersecurity standards for smart devices and introduce ransomware reporting requirements    – Read More  –