Category: Privacy/Governance Feed

The Alan Turing institute urged government and academia to address systemic cultural and structural security barriers in UK AI research – Read More  –  

Starting April 2025, Swiss critical infrastructure organizations will have to report cyber-attacks to the country’s authorities within 24 hours of discovery – Read More  –  

Software developer Davis Lu cost his employer hundreds of thousands after deploying malware that caused crashes and failed logins – Read More  –  

Fortra claims the number of unauthorized Cobalt Strike licenses in the wild fell 80% over two years – Read More  –  

Travelers found that ransomware groups are focusing on targeting weak credentials on VPN and gateway accounts for initial access, marking a shift from 2023 – Read More  –  

AI-driven cyberattacks are rapidly escalating, with a vast majority of security professionals reporting encounters and anticipating a surge, while struggling with detection – Read More  –  

Symantec found that Medusa has listed almost 400 victims on its data leaks site since early 2023, demanding ransom payments as high as $15m – Read More  –  

An arbitrary file upload vulnerability in the Chaty Pro plugin has been identified, affecting 18,000 WordPress sites – Read More  –  

Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence – Read More  –  

Layoffs and cutbacks have been cited as major factors in a significant drop in job satisfaction among women working in cybersecurity, according to ISC2 – Read More  –  

Enisa identifies six sectors that it says must improve on NIS2 compliance – Read More  –  

The DoJ has charged Chinese government and i-Soon employees for a series of for-profit data theft campaigns – Read More  –  

Chinese espionage group Silk Typhoon is increasingly exploiting common IT solutions to infiltrate networks and exfiltrate data – Read More  –  

Nonprofits are facing a surge in cyber-attacks as email threats rise 35%, targeting donor data and transactions – Read More  –  

With Android Scam Detection for messages and calls, Google wants to push scam detection further than traditional spam detection – Read More  –  

ISACA identified factors such as heavy workload and long hours as the primary causes of stress, while there has been high turnover of IT professionals in the past two years – Read More  –  

GuidePoint Security has received reports of multiple organizations receiving ransom letters in the mail – Read More  –  

A cyber-espionage campaign targeting UAE aviation and transport has been identified by researchers, using customized lures to deploy Sosano malware – Read More  –  

Private 5G networks face security risks amid AI adoption and a lack of specialized expertise – Read More  –  

Cloud software firm VMware has issued a critical security advisory, detailing three zero-day vulnerabilities being actively exploited in the wild – Read More  –  

Nisos has found six personas leveraging new and existing GitHub accounts to get developer jobs in Japan and the US – Read More  –  

Fastly found that organizations have introduced changes such as increasing CISO participation in strategic decisions in response to growing personal liability risks – Read More  –  

CISA has added five more CVEs into its known exploited vulnerabilities catalog – Read More  –  

Sumsub research finds European iGaming market is losing billions to fraud each year – Read More  –  

Artificial Intelligence (AI) is transforming the digital landscape, powering applications that are smarter, faster, and more intuitive than ever… The post Protecting AI-powered Applications: The Critical Role of Encryption and Data Masking  appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Phishing attack exploits social engineering techniques alongside Microsoft Teams and remote access software to deploy BackConnect malware – Read More  –  

The US Cybersecurity and Infrastructure Security Agency confirmed it will keep defending against Russian cyber threats to US critical infrastructure – Read More  –  

A new phishing campaign has been identified using Havoc to control infected systems, leveraging SharePoint and Microsoft Graph API – Read More  –  

Telecoms provider Vodafone has developed the new proof of concept with IBM, as it seeks to implement post-quantum cryptography ahead of anticipated quantum-based attacks – Read More  –  

The Information Commissioner’s Office is now investigating how TikTok uses 13–17-year-olds’ personal information – Read More  –  

Threat actors are exploiting a zero-day bug in Paragon Partition Manager’s BioNTdrv.sys driver during ransomware attacks – Read More  –  

The Digital Personal Data Protection (DPDP) Act, 2023, is a landmark legislation aimed at regulating the processing of digital… The post DPDP Act Compliance Checklist for Businesses appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Data from Resilience found that third-party attacks made up 23% of material cyber insurance claims in 2024, with ransomware attacks targeting vendors a major driver – Read More  –  

In February 2025, Sophos completed the Secureworks deal and SolarWinds went private – Read More  –  

Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report – Read More  –  

A joint operation between the Thai and Singapore police has resulted in the arrest of a man allegedly responsible for over 90 data extortion attacks worldwide – Read More  –  

In today’s digital era, cashless transactions have become the norm. With the convenience of online payments, more people are… The post Exploring the Benefits of Payment HSM: Enhancing Security in a Cashless World  appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

DragonForce ransomware attacks Saudi firms stealing 6TB data, escalating cyber threats in real estate – Read More  –  

Winos 4.0 malware uses phishing emails to target organizations in Taiwan, Fortinet experts warn – Read More  –  

Veracode found a 47% increase in the average time taken to patch software vulnerabilities, driven by growing reliance on third-party code – Read More  –  

In its 2025 Global Threat Report, CrowdStrike observed a significant escalation in Chinese cyber espionage activities – Read More  –  

OpenSSF has released new baseline security best practices to improve open source software quality – Read More  –  

FBI confirms North Korea’s Lazarus Group responsible for Bybit crypto heist – Read More  –  

99% of organizations report API-related security issues, highlighting risks from API growth – Read More  –  

DISA Global Solutions confirms data breach affecting 3.3M people, exposing sensitive personal info – Read More  –  

Meredith Whittaker, Signal’s CEO, has threatened to pull the company out of Sweden if a proposed government bill requiring encryption backdoors becomes law – Read More  –  

HaveIBeenPwned has added over 500 million new passwords and email addresses lifted via infostealers – Read More  –  

IVF clinic Genea has confirmed that stolen patient data has been published online, with the Termite ransomware group appearing to be the perpetrators – Read More  –  

Europe is hit hard as geopolitics drives increase in state-backed APT and hacktivist activity – Read More  –