Category: Privacy/Governance Feed

Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications – Read More  –  

A new Snake Keylogger variant, responsible for over 280 million blocked infection attempts worldwide, has been identified targeting Windows users – Read More  –  

The BlackLock or Eldorado ransomware gang could be the year’s fastest-growing ransomware-as-a-service group – Read More  –  

Proofpoint also identified two new threat actors operating components of web inject campaigns, TA2726 and TA2727 – Read More  –  

A threat actor claims to have hacked and published data on 12 million Zacks Investment Research accounts – Read More  –  

Pro-Russia hackers NoName057(16) has targeted Italian banks, airports and ports in a series of DDoS attacks – Read More  –  

Microsoft has observed a new variant of XCSSET, a sophisticated macOS malware that infects Xcode projects – Read More  –  

South Korea’s Personal Information Protection Commission is blocking DeepSeek AI downloads over privacy concerns – Read More  –  

A Golang backdoor is using Telegram as its command and control (C2) channel, an approach that makes detection harder for defenders, according to Netskope researchers – Read More  –  

Vulnerabilities in firewalls from Palo Alto Networks and SonicWall are currently under active exploitation – Read More  –  

Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts – Read More  –  

The organization becomes the AI Security Institute as the UK shifts its focus to tackling AI risks to national security – Read More  –  

Symantec found that tools previously only used by Chinese nation-state espionage actors were deployed in a ransomware attack – Read More  –  

US agencies have issued a new alert to eliminate buffer overflow vulnerabilities, urging memory-safe programming for secure-by-design software development – Read More  –  

Astaroth is an advanced phishing kit using real-time credential and session cookie capture to compromise Gmail, Yahoo and Office 365 accounts – Read More  –  

Ahead of Valentine’s Day, Chainalysis figures reveal 40% increase in losses to pig butchering, or romance baiting, scams – Read More  –  

Microsoft found that Russian state actor Seashell Blizzard has deployed an initial access subgroup to gain persistent access in a range of high-value global targets – Read More  –  

The Electronic Frontier Foundation has requested a US federal court to block Elon Musk’s DOGE access to US Office of Personnel Management Data – Read More  –  

SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware – Read More  –  

Romance scams cost Americans $697.3m in 2024, with crypto fraud schemes on the rise – Read More  –  

NCSC CTO Ollie Whitehouse discussed a UK government-backed project designed to secure underlying computer hardware, preventing most vulnerabilities from occurring – Read More  –  

Massive IoT data breach exposed 2.7 billion records including Wi-Fi credentials – Read More  –  

A new Everfox survey shows a growing consensus among regulated organizations in favor of a strategic shift away from detecting cyber threats to preventing them – Read More  –  

February Patch Tuesday sees Microsoft fix four zero-days, including two under active exploitation – Read More  –  

The US and its allies have sanctioned Russian bulletproof hoster Zservers for abetting ransomware attacks – Read More  –  

An Alabama man has admitted hacking into the US Security and Exchange Commission’s X account using SIM swap fraud to gain access – Read More  –  

Chinese hackers are infiltrating the networks of suppliers of “sensitive” manufacturers, according to a Check Point report to be published in the coming weeks – Read More  –  

Gcore reported a 56% year-over-year rise in DDoS attacks in H2 2024, highlighting a steep long-term growth tend for the attack technique – Read More  –  

Ransomware groups are adopting agile techniques in a quantity-over-quality approach, according to a new report from Huntress – Read More  –  

Four Europeans were arrested in Phuket, believed to be members of the Phobos ransomware group – Read More  –  

Apple has patched a zero-day vulnerability being exploited in targeted attacks – Read More  –  

Kela researchers explain that infostealers are to blame for compromised OpenAI logins – Read More  –  

Trend Micro uncovers BadIIS malware exploiting IIS servers for SEO fraud and malicious redirects – Read More  –  

A US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies – Read More  –  

Memorial Hospital and Manor, located in Bainbridge, Georgia, has alerted 120,000 individuals that their data was breached following a ransomware attack last November – Read More  –  

The UK MoD has announced it is fast-tracking the recruitment of specialist cybersecurity roles, with recruits offered a starting salary of above £40,000 – Read More  –  

Security and privacy experts have questioned a new demand from the UK Home Office on Apple’s encrypted iCloud service – Read More  –  

Europol has urged the financial sector to prioritize quantum-safe cryptography – Read More  –  

The General Data Protection Regulation (GDPR) stands as a gold standard for data protection laws globally, setting stringent benchmarks… The post Digital Personal Data Protection Act 2023 vs. GDPR: Key Similarities and Differences  appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

27 UK public sector organizations faced ICO enforcement actions in 2024, with three fines issued, according to URM Consulting – Read More  –  

The technique, called nullifAI, allows the models to bypass Hugging Face’s protective measures against malicious AI models – Read More  –  

Orange Cyberdefense found that over half of UK financial firms suffered at least one third-party attack in 2024, linked to significant gaps in risk management strategies – Read More  –  

Sophos has observed cybercriminals ramping up their use of graphics files as part of email phishing attacks to bypass conventional security protections – Read More  –  

US and Europol dismantle neo-Nazi child abuse network in global crackdown against online exploitation – Read More  –  

Patchstack urges admins to patch new WordPress ASE plugin vulnerability that lets users restore previous admin privileges – Read More  –  

This new independent non-profit was set up by the UK insurance industry to bring more transparency around cyber events – Read More  –  

A Bitdefender researcher was targeted by North Korea’s Lazarus with the lure of a fake job offer – Read More  –  

The UK’s National Cyber Security Centre has published a new set of resources for startups and researchers – Read More  –  

Spain’s National Police force has arrested a suspected data thief who targeted government and military victims – Read More  –