Jamf Threat Labs reveals that organisations are still using out-of-date software on devices, exposing them to cyber threats Jamf (NASDAQ: JAMF) today announced the release of its latest Security...

The cybersecurity company delivering the future of extended detection and response (XDR), today released The Threat Report: February 2023 from its Advanced Research Center, examining cybersecurit...

The digital age is engulfed with the issue of data privacy. With more personal data exchanged online, organizations need to have a plan in place to protect sensitive data. In this article, we'll outl...

Vulnerability scanning is the process of using automated tools to identify potential security weaknesses and vulnerabilities in an organization's infrastructure. It is an essential step in maintainin...

 Abnormal Security, the leading behavioral AI-based security platform, today released its H1 2023 Email Threat Report, which examines recent developments in the email threat environment and...

48% of UK IT decision makers believe there will be a successful cyberattack credited to ChatGPT within the year 88% believe UK government has a responsibility to regulate advanced AI technologies...

Data privacy is an increasingly important concern for individuals, businesses, and governments worldwide. With the rapid expansion of digital technology and the internet, sensitive information is mor...

Cybersecurity is an ever-evolving field and with the increasing number of cyber-attacks and data breaches. It has become crucial for organizations and individuals to be aware of the tools available t...

Endpoint protection is a critical aspect of cybersecurity that helps organizations protect their endpoints (computers, laptops, mobile devices, servers, IoT devices, etc.) from potential threats. Wit...

In today's digital environment, endpoint protection is more critical than ever. With the increasing use of mobile devices, laptops, and cloud services, endpoint devices are becoming the primary targe...

Only one-third of UK organisations have a validated plan in place to handle cyberwarfare; and 57% have stalled or stopped digital transformation projects due to the threat of cyberwarfare Armis, t...

The Outpost24 research team have released the results of attack data gathered from a network of honeypots deployed to gather actionable threat intelligence. In total, 42 million attacks wer...

[17.01.23] VIPRE Endpoint Detection & Response (EDR) delivers streamlined, sophisticated, high-performing cloud-based EDR management in a single, easy-to-navigate console.  VIPRE Security...

Global security & privacy leader Avast has uncovered that Pro-Russia hacktivist group NoName057(16) is conducting a campaign of Distributed Denial of Service (DDoS) attacks on Ukraine a...

According to Comparitech’s worldwide ransomware tracker, 2022 saw a huge dip in the number of publicly-reported ransomware attacks. In 2022, 769 attacks were collated by the researchers, compared...

Data loss prevention (DLP) is a security strategy that aims to prevent unauthorized access, disclosure, modification, or destruction of sensitive data. Protecting sensitive data is crucial for mainta...

Data Loss Prevention, or DLP, is a vital component of any business’s cybersecurity strategy. It is a set of technologies and processes that help prevent the unauthorized access, use, or transfer of...

Five Guys Enterprises LLC, a chain of burger restaurants, has reported a data breach that led to the loss of personally identifiable information from job applications. The information was provided...

Identity and access governance is a crucial aspect of any organization's security strategy. It involves the management of user identities and the control of access to systems and resources. Proper id...

Identity and access governance (IAG) is a critical component of modern organizations, as it helps manage users' identities and access various resources and systems. IAG encompasses a range of process...

Cybersecurity is an ever-growing concern for individuals and organizations alike. In light of the continuous advancements in technology, it is important to remain aware of potential risks associated...

An organization's information security program must include Privilege Access Management (PAM). To safeguard against unauthorized access, data breaches, and other security threats, it involves managin...

Privileged access management (PAM) is a critical security solution that helps organizations control and monitors the use of privileged access to critical systems, data, and resources. PAM soluti...

Cybersecurity is a crucial aspect of protecting businesses, organizations, and individuals, while there are a wide variety of open-source tools and technologies available to help. Businesses, organiz...

#ChatGPT and Web3 Last week, ChatGPT, the dialogue-based AI chatbot capable of understanding natural human language, took the world by storm. Gaining over 1 million registered users in just 5 days...

When it comes to building a security operations center (SOC), it can be hard to know where to start. Even if you’re making sure the security operations team you already have in place has all the bas...

Google made the free, open-source security scanner available. Google made an effort to enhance vulnerability triage for users and developers of open source software last year. The first distributed o...

Uber experienced yet another prominent data breach that exposed private employee and business information. This time, attackers gained access to the company through a Tequivity cloud server that was...

Authorities in California are looking into a cybersecurity breach at the Department of Finance after a large ransomware organization claimed to have stolen private information and financial records f...

Multiple Zero-Day Security vulnerabilities in Top Endpoints Detecting and Responding (EDR) as well as Antivirus (AV) Solutions Found by SafeBreach Labs Researcher In order to transform endpoint de...

As the latest step in its continuous endeavor to provide people with even better ways to secure their data. Apple today unveiled three cutting-edge security capabilities aimed at defending against at...

What is ChatGPT? Since its debut last month, ChatGPT, OpenAI's most recent innovation, has attracted more than a million users. Among its early use cases are requested to develop code, write bedti...

An online Web-Skimming effort that has been taking place for at least one year is found by Jscrambler. According to the security provider, the operation has hacked over 40 e-commerce sites. A gang kn...

Microsoft has issued a warning to European nations to be on the lookout for Russian Cyber Attack this winter, just as several Russian organizations, including the nation's second-largest bank, have b...

On the dark web blog of the well-known Ransomware gang Hive. Data purportedly belonged to the renowned sports shop Intersport Data. Following a hack on Black Friday, the Hive ransomware group appe...

Numerous government departments and the public believe to be bodies to have overcome hardship by a ransomware attack on Mercury IT, a popular managed service provider (MSP) in New Zealand. A hack...

The Wall Street Journal ran a great reminder on the dangers of what has been referred to as “sharenting”, posting every significant moment of our kids’ lives online. Starting before birth and...

SwissInfo.ch reports that  Switzerland Proposes Mandatory Incident Reporting For Critical Infrastructure. The Swiss Parliament is being asked to update the Information Security Act to make...

Predictions from technology experts Cybersecurity is already one of the biggest pain points for businesses. Indeed, cyber-criminal activity often outpaces business security efforts, resulting in a...

Please see below comments for your consideration regarding the world’s largest Android smartphone manufacturers – Samsung, LG, Xiaomi and Mediatech – having been left vulnerable to malicious a...

It has been reported that a newly discovered Trojan has stolen Facebook logins from over 300,000 users in a campaign lasting four years, according to Zimperium. The security vendor claimed to have...

1 in 10 ICO fines are a result of poor data protection, compared to only one ICO fine for ransomware in the past two years Insufficient data protection has cost UK business £26 million since 20...

Reports are highlighting a rise in cyberattacks on transportation and shipping businesses, with shipping company Yodel identifying a cyber incident earlier this year, and the UK’s Department of Tra...

A hospital in Versailles, near Paris had to cancel operations and transfer some patients after being hit by a cyberattack over the weekend, France's health ministry said Sunday. Six patients had bee...

It’s the Log4Shell anniversary. Somehow, about a third of Log4j downloads are still of the vulnerable version. Why is that? And what is the IT industry doing wrong? What can organisations do? Th...

It has been reported that DeFi protocol Ankr, which called itself the first ‘node-as-a-service’ platform, has suffered a multi-million dollar exploit due to a bug in its code that allowed fo...

TrustCor System was no longer supported by Mozilla and Microsoft as a result of a Washington Post article that exposed the company's connections to spyware-focused government contractors. Followin...

Threat actors are seeking to capitalize on or gain interest in their cause with assaults meant to draw unwitting people who may be more preoccupied with supporting their favorite teams than cybersecu...

A suspected cyber assault has taken down the Vatican website. Just days before Pope Francis received criticism from Moscow for his most recent denunciation of Russia's annexation of Ukraine. T...

According to the business, another security breach directly related to the one that happened in August has affected password manager LastPass. According to a blog post by LastPass CEO Karim Toubba...

Following reports that banks may be leaving customers vulnerable to fraudulent spoofing attempts, I wanted to share commentary from Fabien Rech, SVP EMEA at Trellix, which demonstrates how financ...

A “deep dive” from Bloomberg Law looks at the threat that DDoS attacks pose during holiday shopping seasons, but does not cite the potential for (and potential impacts of) Denial of App Service a...

Bank details of South Staffs Water customers have been published on the dark web after a cyber attack. The data breach took place in August and saw cyber criminals steal sensitive information. The...

It has been reported that the UK’s cybersecurity laws will be updated to require outsourced IT providers to meet security standards as part of efforts to better protect supply chains, the Govern...

Following the news of Meta being fined £265 Million pounds over data protection breach that hit more than 500m users, cyber security experts provide insight into how companies could better protect t...

Bot Attacks Methods for Business Two-Thirds of internet traffic consists of bot traffic. Out of this bot traffic, 40% are bad bots. The rise of malicious Bot Attacks targeting your Business has c...

Akamai researchers saw a 257% year over year increase in API and Web application attacks and are reporting that roughly 80 percent of cyberattacks are directed at financial services customers. They...

An API flaw that was patched in January allowed for the theft of over 5.4 million Twitter user records that contained private information. These records were made available for free sharing on a hack...

DAZN and Irdeto are joining forces to address the misuse of premium content and fight piracy in sports streaming.  DAZN deploys Irdeto Anti-Piracy Services and relies on Irdeto Control as primary m...

A threat actor posted an ad on a hacking community forum, claiming they were selling a 2022 database of 487 million WhatsApp user mobile numbers....

The European Parliament suffered a cyberattack on Wednesday morning, shortly after the institution. Voted to strengthen economic sanctions against Russia for its involvement in eastern Ukraine and ann...

The UK's Biggest Anti-fraud Operation: 70,000 Victims To Receive Text Messages The UK’s biggest ever anti-fraud operation has begun to contact the 70,000 victims of telephone scams in their country...

Our Information Security Experts reacted below on why gambling sites were particularly vulnerable or of interest to credential stuffing attacks....

According to Wales Online, More than 10 million Brits have fallen victim to online shopping scams, it has been revealed, as 19 million UK shoppers prepare to embark on the biggest bargain hunts of th...

CloudSEK has revealed that Algolia’s API keys have been leaked, putting millions of users data at risk. Algolia’s API is used by companies to incorporate search, discovery, and recommendations i...

High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices https://twitter.com/cyberfeedio/status/1593153764197683201...

Google Clamps Down on Cobalt Strike Abuses Google announced earlier this month that it had removed the ability to run JavaScript from inside.  HTML tags on its advertisement platform, in an effort...

Air Asia Suffers Major Data Breach One of Asia’s most popular airlines. Air Asia, suffered from a massive data breach this past month, potentially exposing. The data of hundreds of thousands of user...

As reported by The Register, phishing attempts targeting victims in the Middle East increased 100% last month in the lead up to the World Cup in Qatar, according to Trellix. There was a spike in thes...

It has been reported that six in 10 (60%) shoppers plan to spend more time researching and comparing prices ahead of Black Friday this year than they have previously, a survey has found. More than...

New Ransomware Encrypts Files, Steals Your Discord Account Ransomware has been evolving at an alarming rate, with more new strains appearing each year. One of the latest developments in this area i...

Bank of England Deputy Governor Jon Cunliffe today remarked that the implosion of cryptocurrency exchange FTX shows the need to regulate the crypto world, and to bring in these controls as soon as p...

The FBI has recently warned of a spate of cyberattacks and data extortion efforts by the Hive ransomware group, particularly focusing on the health and public health sectors. Hive actors have succes...

E-commerce malware detection firm Sansec is tracking a surge in cyberattacks targeting Magento stores.  At least seven Magecart groups are injecting TrojanOrders at approximately 38% of Magento...

It has been reported that hundreds of databases on Amazon Relational Database Service (Amazon RDS) are exposing personal identifiable information (PII), new findings from Mitiga, a cloud incident res...

Reports have suggested that the Zendesk vulnerability could have given hackers access to customer data. Full story: Zendesk Vulnerability Could Have Given Hackers Access to Customer Data | SecurityW...

As reported by The Times, the government has issued “burner phones” to all officials and ministers at the Cop27 climate conference in an attempt to stop the Egyptian hosts snooping on them. Acti...

Barclays Bank has today revealed that purchase scams rose by 34% following Black Friday weekend last year, putting this year's Christmas shoppers at huge risk. It comes as almost nine in 10 B...

Following the news that Biden’s officials are being pressed by lawmakers on cyber reporting legislation as overseas threats and ransomware evolves, Information security experts reacted below....

It has been reported that security researchers have uncovered a sophisticated phishing campaign using tens of thousands of malicious domains to spread malware and generate advertising revenue. Dubb...

State-Sponsored Actor Targets Cert Authority, Government Agencies In Multiple Asian Countries A new state-sponsored actor has targeted multiple Cert Authorities (CAs) and government agencies in mul...

The Information security and industry experts reacted below on the news that the Australian government looking at outlawing ransomware payments to hackers....

It has been reported that it could soon be illegal for companies that fall victim to data breaches to pay ransoms to the hackers. The home affairs minister, Clare O’Neil, confirmed the government...

Following the news that:  UK Shoppers Lost £15m+ to Scammers Last Winter UK Shoppers Lost £15m+ to Scammers Last Winter - Infosecurity Magazine (infosecurity-magazine.com)...

Following on the latest Medibank data leaks and backing their decision not to pay the ransom Australian ABC News reported that Cyber Security Minister Clare O'Neil said the government was consideri...

Cyber security experts reacted below on the recent Black Basta ransomware attack against food retail giant Sobeys....

As reported by the Mail on Sunday, Britain's biggest banks have bolstered their defences against a Russian cyber attack. The plan will mean close co-operation between lenders, so that if hackers too...

This International Fraud Awareness week businesses need to open their eyes and up their defenses in the battle against cybercrime. ...

The field of cybersecurity is rapidly changing. Here we spoke with a number of Cybersecurity experts and Industry leaders to find out the most critical cybersecurity trends to watch in 2023. Here are...

Hackers started leaking health data after Medibank, Australia’s largest health insurer, refuses to pay ransom demand. The REvil ransomware gang began posting stolen records, including customers�...

In a poll of 2,100 C-Level executives in large organizations, responsible for supply chain and cyber risk management, security firm BlueVoyant is reporting that 98% of the organizations suffered a s...

Github has launched a new method for security vulnerability disclosure privately and directly from a repository in an effort to improve the state of software supply chain security....

Twitter's Twitter Blue program, which offers the much-desired blue badge in exchange for a $8 monthly charge, has been launched in full. Before, only accounts of famous people and organizations recei...

A foreign exchange-focused DeFi protocol DFX Finance was attacked on Nov. 11, with the attacker stealing roughly $4 million....

It has been reported that security researchers have spotted an intriguing malware campaign designed to increase the search engine rankings of spam websites under the control of threat actors....

Following the news that Maple Leaf Foods confirmed on Sunday that it experienced a cybersecurity incident causing a system outage and disruption of operations....

It has been reported that info-stealing malware accounted for the three most widespread variants in October, comprising nearly a fifth (16%) of global detections, according to Check Point. The secur...

A new version of IceXLoader that has compromised thousands of personal and enterprise Windows machines, security experts reacted below....

According to Chronicle Live, Amazon is encouraging customers to stay alert to scam texts from fraudsters who pretend to represent the company to trick people into handing over sensitive details. M...

It has been reported that more than a third of companies who paid a ransom to cybercriminals after being hit by a ransomware attack went on to be targeted for a second time, according to a new repor...

It has been announced that the criminals behind the Medibank data breach have published some of the stolen data online. On Wednesday the names, addresses, birthdates and Medicare details of about 200...

Just over a fifth (22%) of 18 to 34-year-olds said they had been the victim of financial fraud at least once, compared with 12% of people aged 35 to 54 and around one in 10 over-55s. The survey of 4,...

Following the recent Microsoft Digital Defence Report - Nation-state cyberattacks become more brazen as authoritarian leaders ramp up aggression - Microsoft On the Issues ...

Microsoft’s Patch Tuesday update has been released and with it comes fixes for six actively exploited Zero Days, and a total of 68 flaws....

It has been reported that Medibank Private Ltd, Australia's biggest health insurer, on Monday said no ransom payment will be made to the criminal responsible for a recent data theft, wherein around...

As reported by BBC News, in the wake of Elon Musk's takeover of Twitter, some users have been seeking alternative platforms. One of the biggest beneficiaries has been Mastodon. The social network say...

The UK’s National Cyber Security Centre (NCSC) has begun scanning all Internet-exposed devices hosted in the UK for vulnerabilities. As described on the NCSC Scanning information site: As part o...

It has been reported that security researchers are warning of a new phishing campaign that abuses Microsoft Dynamics 365 Customer Voice to trick recipients into handing over their credentials. Dynami...

Microsoft has shared insights from its Digital Defence Report and it shows that there has been a 74% increase in password attacks, increasing to approximately 921 attacks per second....

It has been reported that Mondelez International has settled its lawsuit against Zurich American Insurance Company, which it brought because the insurer refused to cover the snack giant's $100-millio...

ccording to Lancs Live,  a mum says she has been left on the breadline after fraudsters hacked her bank account and stole hundreds of pounds to buy PlayStation games as she slept. She says she only...

Musk’s Twitter takeover hit a heavy roadblock yesterday. In his hopes of having users pay for verification, it seems Musk caught the attention of looming cyber criminals, hungry to hijack users acc...

Dropbox has suffered a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. T...

It has been reported that Royal Mail has experienced a data breach where customers have seen the information of other users. A statement on Royal Mail's Click and Drop status updates website said:...

It has been reported that A now-patched security flaw has been disclosed in the Galaxy Store app for Samsung devices that could potentially trigger remote command execution on affected phones. The v...

A new phishing campaign is underway to capitalize on the tumult, with hackers attempting to trick users into supplying their Twitter credentials in a Googledoc made to look like a Twitter help page,...

Today the National Cyber Security Centre revealed that it has issued 34 million cyber alerts in the past year alone. With attacks on the rise, Information security experts argue that AI-enabled stra...

It has been reported that the move to the Metaverse, an open-ended collection of digital experiences, environments and assets leveraging virtual technologies, is imminent. Backed by tech giants inclu...

After warnings were issued, a critical vulnerability discovered in current versions of OpenSSL affecting almost every organisation, will have a patch released today - so patch as soon...

With Musk's takeover finally official, heads are rolling at Twitter. However, there is still little clarity over how he will achieve his lofty ambitions for the social media platform. While some...

Senior U.S. cyber officials had a strong message for big tech Thursday, saying that tech providers, not just buyers, must take responsibility for ensuring their products are protected from cyberattac...

Every October is recognised as Cybersecurity Awareness Month, during which governments and the private sector collaborate to promote awareness about digital security, empowering everyone to safeguard...

Australian Defence Department has been hit by an attack from a piece of malware that has encrypted files and demanded payment in return for the keys to unlock them, as part of what appears to be an...

Liz Truss continues to be the talk of the town. With new investigations due to the hacking of her phone, this is the latest in several government scandals involving personal messaging devices. One...

It has been reported that four out of five (80%) organisations have been notified of a vulnerability or attack in their supply chain of software in the past 12 months, according to new research. T...

On Wednesday, the White House announced plans to expand its public-private cybersecurity partnership to include the chemical sector. The Industrial Control Systems (ICS) Cybersecurity Initiative is b...

...

It has been reported that social media company LinkedIn has introduced a series of new features aimed at fighting fake profiles and malicious use of the platform. The firm made the announcement in...

It has been reported that a cybercrime group known as Vice Society has been linked to multiple ransomware strains in its malicious campaigns aimed at the education, government, and retail sectors....

It has been reported that global ticketing giant See Tickets has begun notifying customers of a significant breach of their personal and financial information, which lasted for over two-and-a-half...

It has been announced that LinkedIn has introduced three new features to fight fake profiles and malicious use of the platform, including a new method to confirm whether a profile is authentic by sho...

As reported by the Daily Record,  Windows and Android users have been urged to be aware of criminals infiltrating popular websites and apps as part of a large-scale cyber campaign. Hackers are us...

Following news of a critical zero-day vulnerability in OpenSSL, a component that allows nearly all encryption across the Internet to happen, please see comment below from Information security and ind...

Following the news that:  Thousands of Publicly Exposed API Tokens Could Threaten Software Integrity...

It has been reported that tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The weakness, given the i...

It has been reported that the Ukrainian authorities have posted information warning of a new ransomware campaign against organizations in the war-torn country. In a brief notice, the Ukrainian CERT s...

A recent poll of 700 C-level, CISO’s and office workers in the U.S. and U.K. found that 54% of the office workers said that if a business experienced a recent cyber breach, it would influence their...

It has been reported that Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. A subsidiary of the multinational conglomerate Tata Group, Tata Power...

UK finance has urged people to stay ‘alert for fraud’, as they become more susceptible to online scams amid financial uncertainty....

The construction company Interserve received a hefty fine of £4.4 million from the ICO due to a security breach. Below is a comment from cybersecurity experts on this large fine and how it will help...

It has been reported that U.S. cybersecurity and intelligence agencies have published a joint advisory warning of attacks perpetrated by a cybercrime gang known as the Daixin Team primarily target...

A technical paper from the researchers at Leiden Institute of Advanced Computer Science details how researchers discovered thousands of repositories on GitHub that offer fake proof-of-concept (PoC)...

Th social media app WhatsApp has gone down this morning and we have comments from cyber security experts on the matter below....

It has been reported that a PoS payment card attack involving a pair of malware variants was used to steal more than 167,000 payment records from 212 infected devices mostly in the U.S.  Full st...

It has been reported that the Typosquat campaign mimics 27 brands to push Windows, Android malware.  Full story: Typosquat campaign mimics 27 brands to push Windows, Android malware (bleepingcom...

Symantec has just released a report on BlackByte ransomware’s new double extortion capabilities – see here. This comes just months after the FBI released an advisory on the strain following its u...

The FBI has released a warning that scammers may be targeting individuals seeking to enroll in the Federal Student Aid program to steal their personal information, payment details, and money....

A lot has changed over the last decade, making 2023 the year that every organisation could be hit by ransomware - unless they act on it. Survey after survey shows that the vast majority of organisati...

2022 (ISC)² Cybersecurity Workforce Study sheds light on the demand for cybersecurity talent with the gap growing twice as much as the workforce with a 26.2% year-over-year surge  (ISC)² �...

Following the news this morning that Medibank, Australia’s biggest health insurer has suffered a data breach, cybersecurity experts reacted below....

It has been reported that a ransomware group which unusually targets Russian organizations has upped its efforts this year, demanding larger ransoms from its victims and developing new malware for Li...

It has been reported that a prolific ransomware group targeting network-attached storage (NAS) devices this year monetizes its efforts by extorting both vendors and their end customers, according to...

A new report from the UK government has been released which analyses how online fraud is handled. In the report, MPs have accused ministers and law enforcement agencies of treating economic crime...

It has been reported that researchers have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil gang based on code similarities in both operations' encryptors. The...

It has been reported that Microsoft has confirmed that a misconfigured endpoint unintentionally leaked business and personally identifiable information (PII) for some customers. The tech giant said...

In response to reports that Advocate Aurora Health, a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000...

According to Tech Radar, over 60% stated that they reuse passwords across multiple accounts. Most did so because they couldn’t be bothered to remember multiple ones (40%), and others didn’t feel...

So far in 2022, researchers at Sonotype have discovered over 88,000 malicious open source packages, a 742% increase per year since 2019. The packages were caught using AI behavioral analysis and auto...

According to IT Pro, A new report has found that global ransomware activity dropped throughout the third quarter as the order of dominant groups in the landscape shifted, but that businesses should...

Following the news that:  Client data exfiltrated in Advanced NHS cyber attack Client data exfiltrated in Advanced NHS cyber attack (digitalhealth.net)...

It has been reported that wine dealer Vinomofo is the latest Australian company to be targeted by a cyber-attack. At risk of exposure are the names, dates of birth, addresses, email addresses, phone...

It has been reported that a wave of DDoS attacks rocked the Bulgarian government over the weekend, with Russia the prime suspect, according to reports. Traffic flooded the websites of the Bulgarian P...

It has been reported that UK businesses must start taking cyber crime more seriously and do more – including working more closely with the Government – to protect themselves, the Chancellor of...

It has been reported that on Oct. 19, DeFi liquidity protocol Moola tweeted that it was investigating an incident and had paused operations of the platform. Web3 security firm Hacken looked into...

Businesses in the UK are under attack, suffering the third-highest rate of ransomware infiltration behind the US and Canada over the past year. Desperate to get back to business as usual, companies i...

It has been reported that The Church of Jesus Christ of Latter-day Saints announced Thursday that unauthorised activity was detected on its computer systems that impacted the personal data of church...

HP's Wolf Security team is reporting that Magniber ransomware is infecting home users and demanding payments of up to $2,500 for the decryption tool. Masquading as a Windows 10/11 update, attackers...

In a report released Wednesday, Forescout’s research team, Vedere Labs, have updated their findings on the riskiest devices in enterprise networks in 2022. By analyzing the millions of IoT devices...

As reported by Reuters, the Mexican attorney general's office said on Sunday it is investigating the purchase of Pegasus computer spyware by the previous administration and whether it was carried out...

Following the recent news of The UK’s National Cyber Security Centre (NCSC) warning businesses not to become ‘seduced’ by the attractiveness of issuing phishing tests to staff while also publis...

It has been reported that Toyota Motor Corporation is warning that customers' personal information may have been exposed after an access key was publicly available on GitHub for almost five years....

Websites for more than a dozen US airports were temporarily brought offline by cyberattacks on Monday morning, including LaGuardia airport in New York City. The hack has been attributed to a group...

It has been reported that Singtel has confirmed that another Australian business it owns, consulting unit Dialog, has fallen victim to a cyber burglary just weeks after the mammoth data leak at telco...

It has been reported that in the second $100 million DeFi hack this week, Mango Markets was drained of $100 million in funds due to an exploit. Mango Markets tweeted Tuesday evening that a hacker was...

Just weeks after Optus disclosed that the data of 10 million users had been exposed in a data breach, its parent company, Singtel, is coping with two of its own data intrusions, according to The Gua...

Kaspersky has discovered a new wave of malicious email activity which spreads the dangerous malware Qbot, targeting corporate users and stealing sensitive data from networks.  After initially dyi...

The UK Government put forward legislation that would require those that work in the telecoms industry, MSPs included to enhance their security operations. Now that the legislation is active telecoms...

Hackers have reportedly stolen 2 million Binance Coins (BNB), worth $566 million, from the Binance Bridge. Details are scant at the moment, but the attack appears to have started at 2:30 PM EST today...

Code security company SonarSource has published details on a severe vulnerability impacting Packagist, which could have been abused to mount supply chain attacks targeting the PHP community. Packagi...

It has been reported that Gardai and government ministers have warned businesses to prepare for potential ransomware attacks, saying that the number of attacks targetting small and medium businesses...

A report has found that domains registered for fake promotions have increased by 335% in the past year. Victims are being scammed via phoney youtube streams featuring celebrities that encourage pe...

According to The Register, Joe Sullivan, Uber's former chief security officer, has been found guilty of illegally covering up the theft of Uber drivers and customers' personal information. Sulliva...

It has been reported that one of the largest non-profit healthcare providers in the US has been hit by a suspected ransomware attack which has already impacted multiple locations around the country....

CISA Director Jen Easterly announced a new Binding Operational Directive (BOD 23-01) on Monday requiring all Federal civilian agencies to report detailed data about vulnerabilities to CISA at timed i...

Following the news that:  Telstra is rocked by a data breach with hackers gaining access to staff info. Telstra is rocked by a data breach with hackers gaining access to staff info (msn.co...

...

As more and more businesses move their operations online due to digital transformation, the need for securing becomes more pressing. Namely, many companies do their best to secure their cloud from da...

Cyber group RansonEXX took responsibility for stealing the company’s information, Italian newspaper Corriere della Sera said. They claim the hackers have leaked 7GB of data, including internal docu...

It has been reported that banks and building societies will have stronger incentives to prevent scams happening in the first place, as well as having to reimburse victims who have been tricked into t...

Humana disclosed a third-party data breach by Choice Health that impacted 22,767 patients. Humana is the third largest health insurance provider in the nation. Choice Health sells Medicare products o...

Despite Increased Investment in Bot Mitigation, Annual Report Shows Companies Continue to Struggle with Bot Attacks Kasada, provider of the most effective and easiest way to defend against advance...

Today, the National Cyber Security Alliance (NCSA) and CybSafe launch the annual ‘Oh, Behave! The Annual Cybersecurity Attitudes and Behaviors report’, which studies 3,00...

New findings from Venafi show 81% of companies have had a Cloud Security Incident in the last year. Key findings: 45% of organizations suffered at least four incidentsorganizations in study hos...

Lumen’s Black Lotus Labs blogs about discovering a new rapidly growing, multipurpose malware written in the Go programming language. Dubbed "Chaos" by the author, the malware was developed for Wind...

iStorage calls for mass adoption of encryption to help stem the rise of cyber crime and limit the impact of ransomware following snapshot survey at Infosec 2022 A recent poll to take a snapshot of...

A hacker who infiltrated Fast Company sent obscene push notifications to Apple News users’ home screens on Tuesday night, sparking a shutdown of the magazine’s website. The US-based business maga...

A buyer dilemma is happening now with security solutions as business owners and CISOs realize that legacy rules-based WAF is not enough for web application and API protection.  Legacy WAF was...

According to new data from Databarracks, 44% of the organizations who experienced a ransomware assault paid the demanded ransom. 22% made use of ransomware decryption software, while 34% restored dat...

Watchfinder, one of the largest online watch dealers has reported a data breach that may have disclosed customer emails and phone numbers, according to Bloomberg.   The UK-based company said cu...

According to Kyiv, there have been rumors that Russia intends to launch "scale cyberattacks" against the vital energy infrastructure of Ukraine and its allies. The Ukrainian Defense Ministry said in...

TikTok has been accused of processing the data of children under the age of 13 between 2018 and 2020, breaking UK data protection law and making the company vulnerable to a potentially hefty fine. Th...

ReasonLabs researchers detail the activities of one of the largest fraudulent online credit card schemes active today. The sophisticated scam has reportedly siphoned tens of millions of USD from cred...

As reported by the Mail on Sunday, the personal details of the Duchess of York, Jeremy Clarkson and Sir David Attenborough have been leaked by Russian criminals who hacked into the database of luxury...

Microsoft says a threat actor gained access to cloud tenants hosting Microsoft Exchange servers in credential stuffing attacks, with the end goal of deploying malicious OAuth applications and sending...

A 15-yr old vulnerability in Python’s tarfile modules could potentially put 350,000 open source projects at risk....

Today’s subscription economy makes accessing nearly any service as easy as hitting enter. The same model has now entered the dark web. The same Netflix-style instant-access menu is now part and par...

Following the news that:   Uber is hiring for over 80 cybersecurity jobs after being hacked last week Uber is hiring for over 80 cybersecurity jobs after being hacked last week (msn.com)...

It has been announced that Morgan Stanley has agreed to pay a $35 million penalty for data security lapses that included unencrypted hard drives from decommissioned data centres being resold on aucti...

It has been reported that millions of Australians have had their personal details compromised in a major cyberattack on Optus. The telco confirmed the data breach in a statement on Thursday afternoon...

Due to a glitch by anti-malware software company, Malwarebytes, it began yesterday detecting Google and YouTube domains as being malicious and therefore blocking its users from accessing the website...

While quantum has become a big buzzword, the security implications are still very real. Cybersecurity leaders are very concerned by "harvest now, decrypt later" report finds. Quantum computers,...

As reported by Bleeping Computer, Twitter logged out some users after addressing a bug where some Twitter accounts remained logged on some mobile devices after voluntary password resets. "That means...

Okta’s global State of Secure Identity Report has found that credential stuffing is the top threat against customer accounts, outpacing legitimate login traffic in some countries. The report presen...

Following news of a hack that saw new Grand Theft Auto footage leaked , experts reacted below....

Following news that Rockstar Games have been hacked, resulting in a data leak (https://www.bbc.co.uk/news/technology-62960828), Louise Ferrett, Threat Intelligence Analyst at Searchlight Security�...

In light of the news that both American Airlines and Revolut have suffered data breaches from social engineering, the Industry leader commented below on the danger of social media....

It has been announced that cybercriminals have launched a ransomware attack against the parliament in Bosnia and Herzegovina, which has brought critical activity to a standstill....

Considering the BBC’s warning for people to be on high alert for fake emails and texts claiming to offer discounts on energy bills, cyber security experts reacted below....

The digital challenger bank Revolut has confirmed it was hit by a highly targeted cyberattack that allowed hackers to access the personal details of tens of thousands of customers. The app-based b...

In response to reports that financial technology company Revolut has suffered a cyberattack that gave an unauthorized third party access to personal information of tens of thousands of clients and...

Uber’s computer systems were breached and the company has alerted authorities, the ride-hailing giant said Thursday. The ride-hailing company said in a tweet that it was “responding to a cybersec...

Researchers at Vectra have identified an attack path that enables malicious actors with file system access to steal credentials for any Microsoft Teams user who is signed in. Attackers do not requi...

Cyber insurance provider, Coalition, has announced the mid-year update to its 2022 Cyber Claims Report detailing the evolution of cyber trends, revealing that small businesses have become bigger targ...

Following the news that:  U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks] U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attac...

It has been reported that agencies will require software vendors to self-certify that they’re following secure development practices under new White House guidance, but it leaves the door open for...

Following news that the Daixin Team ransomware group has threatened to leak over 1 million medical records (https://www.theregister.com/2022/09/14/ransomware_medical_groups/), cyber security experts...

According to a new report, the FBI has identified an increasing number of vulnerabilities posed by unpatched medical devices that run on outdated software and devices that lack adequate security feat...

As Montenegro battles with a massive cyberattack, its computers are unplugged, the internet switched off and websites down. Reports today suggest pro-Russian hackers are behind the attack on t...

It has been reported that Canadian Solar, the manufacturer of solar PV modules, has claimed to be hacked by a ransomware known as LockBit 3.0 ransomware. The hackers have claimed a ransom amount from...

It has been reported that two recent ransomware attacks against healthcare systems indicate cybercriminals continue to put medical clinics and hospitals firmly in their crosshairs. Daixin Team has ta...

According to Metro, hackers are adopting a new phishing scam by disguising malware as WeTransfer links. The scam involves hackers sending a ‘Proof of Payment’ document from WeTransfer, but ins...

Microsoft released fixes for over 60 CVEs this month including two zero-day vulnerabilities, one of which is being actively exploited in the wild....

Following the news that:  New approach to ransomware encryption threatens to undermine cyber security strategies New approach to ransomware encryption threatens to undermine cyber security str...

HYCU researchers are reporting 65%  of respondents lack full confidence in their legacy backup solutions (HYCU’s in the multi-cloud backup-as-a-service biz). Excerpts According to the report, 6...

Researchers have uncovered a new campaign targeting U.S., Canadian and Japanese energy providers to the North Korean Lazarus APT hacking group. The initial vector was the exploitation of the Log4j ...

Jeremy Kirk, the editor over at ISMG reported on Twitter last night that the Vice society was claiming responsibility for the LA School District cyberattack. The Vice Society is a “double extortion...

The adoption of cryptocurrency is continuously increasing. With the many advantages such as the efficiency and transparency of payments, it is no surprise that financial institutions are eager to g...

It has been reported that Uber’s former security officer, Joe Sullivan, is standing trial this week in what is believed to be the first case of an executive facing criminal charges in relation to...

WH Smith is feeling the effects of a cyber-attack on its subsidiary, Funky Pigeon. The attack occurred in April but its significant adverse affects on the retailer have only been reported today....

I wanted to reach out to put some news on your radar (if it’s not already). Holiday Inn owner, Intercontinental Hotels Group (IHG), has confirmed the company has been hit by a cyber-attack. IHG,...

As cryptocurrencies are becoming more popular around the world, BanklessTimes.com decided to look into which countries and continents have the highest adoption rates. Our key findings: The Afr...

Following the news that:  FBI warns of residential proxies used in credential stuffing attacks FBI warns of residential proxies used in credential stuffing attacks (bleepingcomputer.com)...

The Los Angeles Unified School District has confirmed that it was hit by a ransomware attack on its IT systems over the weekend. District officials described the incident as “likely criminal in na...

According to Metro, One of the first images taken by Nasa’s James Webb Telescope is being used by hackers in a phishing scam. A security analytics platform, Securonix, uncovered the new computer se...

Following the news that:  Holiday Inn hotels hit by cyber-attack Holiday Inn hotels hit by cyber-attack - BBC News Cyber security experts reacted below....

Go-Ahead, one of the UK’s biggest transport companies, is managing an ongoing cyberattack that has affected software used to schedule bus drivers and services....

London's biggest bus operator has encountered a cybersecurity incident. Please find comments below on this by cybersecurity expert....

The U.S NSA and CISA have shared tips to secure the software supply chain. But is this actually a step in the right direction? After the snowball effect of supply-chain attacks like the SolarWinds...

Following the news that:  New ransomware hits Windows, Linux servers of Chile govt agency New ransomware hits Windows, Linux servers of Chile govt agency | Vumetric Cyber Portal...

Following the news that: Digital identity provider SDK leaves hundreds of thousands of biometric records vulnerable Digital identity provider SDK leaves hundreds of thousands of biometric recor...

As reported by Bloomberg, on Monday, several cybersecurity analysts tweeted about the discovery of what was purportedly a breach of an insecure server that allowed access to TikTok’s storage, which...

It has been announced over the weekend that Samsung has disclosed a data breach. On Sept. 2, Samsung notified customers of a "cybersecurity" incident that happened in late July, discovered on Aug....

The Wall Street Journal today reported that Finland Plans Cyber Funding For Companies Amid Rising Security Threats. The move is to help address the spate of cyberattacks the country has suffered sinc...

Survey also reveals one in four parents admit to being unaware of who their children interact with online Over a third (34%) of parents are unaware of what online accounts their children are using...

Following the news that: UK Government lays out plans to protect telecoms networks against cyber attacks Government lays out plans to protect telecoms networks against cyber attacks | Evening S...

The Office of the Maine Attorney General said in a filing this week, that PII data of over 2.5 million people that had taken out student loans with either the Oklahoma Student Loan Authority (OSLA) o...

According to the Telegraph, figures from Action Fraud show an alarming number of children as young as six are being targeted by fraudsters as more than a thousand children and teenagers are now scamm...

...

Telecoms providers will be required to put in place new, stronger security measures to protect UK networks from cyber attacks under plans published by the Government. The new regulations and a code o...

Global identity verification company, Veriff, analyzed FBI data and conducted an exclusive survey to find out which cybercrimes Americans are most afraid of and how often they are happening - to dete...

It has been announced that Nato is assessing the impact of a data breach of classified military documents being sold by a hacker group online....

Microsoft-owned LinkedIn is being used by hackers to spread data stealing malware via sending connection requests in disguise of people working with reputed companies, a report showed on Tuesday. Res...

New findings from Venafi 64% of Businesses Suspect They’ve Been Targeted or Impacted by Nation-State Attacks. Among key findings: 82% believe geopolitics and cybersecurity are intrinsically link...

According IT Pro, a new business email compromise (BEC) campaign has been targeting Microsoft 365 organizations in a bid to hack corporate executives’ accounts and maliciously divert business payme...

One of the world's leading password managers with 25 million users, LastPass, has confirmed that it has been hacked. While it's good news that customer data was not compromised in this latest inciden...

According to NottinghamshireLive, Jet2 has taken to social media to warn all UK customers about what appears to be a series of scams, one of which relates to Covid testing. Some destinations still re...

A Plex data breach has exposed usernames, email addresses, and encrypted passwords. As Troy Hunt, Microsoft Regional Director, said on Twitter “Aw crap, I’m pwned in a @plex data breach. Again. I...

The cosmetics retailer Sephora agreed to pay $1.2 million in penalties to California for allegedly failing to comply with the state’s consumer privacy law. More on the story here: https://www.w...

Please see comment below by security experts and industry leaders, on the Quantum ransomware that hit the Dominican Republic's Instituto Agrario Dominicano....

Facebook is reportedly down for users across the globe. Several users from across the world are complaining about the biggest social media platform showing weird posts from celebrities....

In recent news, Twitter’s former Security Chief accused the company of ‘misleading’ public on security practices....

This week A-Level students received their results, with many of them now working out next steps. In the UK, top grades for A-level results have fallen since last year, with 36.4% of all grades marked...

Following the news that:  Hackers Steal Session Cookies to Bypass Multi-factor Authentication https://www.esecurityplanet.com/threats/hackers-steal-session-cookies-to-bypass-mfa/...

Onfido survey finds that portrayals of fraud in popular culture are influencing views on criminal activity The leading global digital identity verification and authentication provider, today annou...

Following the news that:  Here's how attackers are circumventing Microsoft's multi-factor authentication Here's how attackers are circumventing Microsoft's multi-factor authentication - On...

It has been reported that cyber-criminals are increasingly hijacking home IP addresses to hide credential stuffing activity and increase their chances of success, the FBI has warned. Credential stuff...

...

Security researchers at CYFIRMA have discovered over 80,000 Hikvision cameras vulnerable to a critical command injection flaw that's easily exploitable via specially crafted messages sent to the vuln...

A recent Microsoft report lays out how the proliferation of ransomware as a service (RaaS) is fast becoming a dominant business model, enabling most anyone, regardless of their technical expertise, t...

In response to reports that the Center Hospitalier Sud Francilien, a 1000-bed hospital located outside of Paris, suffered a cyberattack on Sunday, which has resulted in the medical center sending pat...

It has been reported that Lloyd’s of London has instructed its members to exclude nation state cyber attacks from insurance policies beginning in 2023, saying they pose unacceptable levels of risk...

The Lockbit Ransomware gang has taken credit for the ransomware attack on Entrust, a digital security giant. In June, Entrust began notifying customers that they suffered a cyberattack where data was...

Bitdefender has identified dozens of apps on the Google Play Store that conceal their presence after installation by changing their names and icons, before serving up ads. They also remove themselves...

As reported by the Financial Times, cybersecurity has eclipsed tumultuous financial markets as the biggest concern for the world’s largest sovereign wealth fund, as it faces an average of three “...

It has been announced that the US government is banning insecure software from its procurement process in a bid to improve the country’s cyber security....

The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitat...

A dozen malicious PyPi packages have been discovered by researchers at Snyk installing malware that modify the Discord client to steal data from web browsers and Roblox. The popular online chat ap...

Apple has disclosed serious security vulnerabilities for iPhones, iPads and Macs, which could potentially allow attackers to take complete control of devices. Apple added that it is "aware of a repor...

A-Level Results 2022 – Tech industry experts react This week A-Level students received their results, with many of them now working out next steps. In the UK, top grades for A-level results have...

It has been reported that a report from ForgeRock has revealed an unprecedented 297% surge in breaches caused primarily by security issues associated with supply chain and third-party suppliers...

New data released by IBM X-Force on operational technology (OT) vulnerabilities confirmed the OT cyber threat landscape is expanding dramatically and assigns percentages to the attack sectors (manufa...

Signal, often considered one of the most secure messaging app, was recently affected by a phishing attack suffered by Twilio, the company providing Signal with phone number verification services. ...

As reported by Sky News, Microsoft has confirmed that scammers have began a campaign posting counterfeit packages designed to look like Microsoft Office products to defraud people. The scam, which ha...

According to TechMonitor, hundreds of thousands of websites, including some with UK government domains, that use the open source development tool Git are at risk of having their entire codebase, hist...

Cybersecurity researchers at Proofpoint have today published new threat intelligence detailing how cybercriminal group TA558 has been targeting hospitality, hotel, and travel organisations to deploy...

The news broke that ESET researchers have identified a new cyberespionage campaign by North Korean APT group Lazarus, targeting Apple and Intel chip systems via a fake engineering job post supposedly...

Hackers attack UK water supplier but extort wrong victim. The Clop ransomware gang claimed to have breach Thames Water supplier by accessing their SCADA systems, which would give them the ability to...

As you may have heard, 8,000 internet-accessible VNC instances were exposed due to disabled authentication. Security researchers found that these instances were managed by critical infrastructure org...

Irdeto’s Connected Transport business will partner with Clavister to combine Clavister’s Next Generation Firewall (NGFW) solution and AI engine for zero-day vulnerabilities with Irdeto’s Asset...

Phishing is a huge threat that affects so many industries every year. Some industries were hit particularly hard, with retail workers receiving an average of 49 phishing emails a year and many emplo...

Researchers at Cyble discovered over 8,000 exposed VNC (virtual network computing) endpoints that allow access to networks without authentication. VNC is a graphical desktop-sharing system that al...

A new study by BlackBerry and Corvus Insurance confirms a “cyber insurance gap” is growing, with a majority of businesses in North America either uninsured or underinsured against a rising tide o...

In response to reports that hackers are increasingly moving towards hybrid forms of phishing attacks that combine email and voice social engineering calls, with the use of 'hybrid vishing' is seeing...

In response to reports that Argentina's Judiciary of Córdoba has shut down its IT systems after suffering a ransomware attack at the hands. of the new 'Play' ransomware operation, cyber security e...

It has been reported that South Staffordshire Water “has been the target of a criminal cyber attack”, the company has confirmed. In a statement, it stressed it was “still supplying safe wate...

Talos Intelligence Group confirmed that Cisco had been hacked by the Yanluowang ransomware group. The confirmation in a Talos blog posting, stated Cisco first learned of the compromise on May 24. E...

Following news that a cyber-attack on a major IT provider of the NHS, Advanced, has been confirmed as a ransomware attack (NHS IT supplier held to ransom by hackers - BBC News), Information Security...

As reported by The Verge, Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user’s operating system (via MacRumors). In an update on its security bulletin, Z...

According to Bolton News, unsuspecting parents are being targeted by scammers in a re-emerging phishing scam that has seen victims lose thousands. A warning has been issued for the new ‘Hi Mum�...

Cisco has admitted that its corporate network was compromised and the company suffered a data exfiltration due to a compromised employee's account. https://twitter.com/danielcid/status/1557546216...

Following news that priority Health issued a notice about a third-party data breach that originated at the law firm Warner Norcross & Judd (WNJ) in October 2021 (https://healthitsecurity.com/ne...

According to ABC News, A former Twitter employee has been convicted of spying for Saudi Arabia after accessing private data on users critical of the kingdom’s government in a spy case that spanned...

Sophos X-Ops Active Adversary whitepaper, “Multiple Attackers: A Clear and Present Danger,” details finding Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacki...

Following the news that:  Number of Firms Unable to Access Cyber-Insurance Set to Double Number of Firms Unable to Access Cyber-Insurance Set to Double - Infosecurity Magazine (infosecurity-ma...

Following the news that:  Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institution Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institutions (th...

Kaspersky researchers detail a wave of targeted attacks, first observed in January of 2022, on military industrial complex enterprises and public institutions in several countries, identifying multi...

It has been reported that communications giant Twilio has confirmed hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials. The San...

As reported by BBC News, Meta has announced new privacy features for WhatsApp users. Users will be able to leave group chats silently, control who can see their online status and block screenshots on...

The UK Parliament has closed down its TikTok account after MPs raised concerns about the risk of data being passed to the Chinese government. The account has been locked, and content deleted, days a...

An analysis from Recorded Future’s research group, Insikt Group, details the tactics, techniques, and procedures (TTPs) used by cybercriminals on dark web and special-access sources to compromise n...

The Solana network seems to be the victim of an ongoing cyberattack. Over the last few hours, several users have taken to Twitter to report that their Solana holdings have been completely drained. Da...

Proofpoint released a new study on the inability of universities to secure email domains: 97% of top universities in the US, UK and Australia putting students, staff, and stakeholders at risk of bein...

It has been reported that con artists behind 'Hi Mum, Hi Dad' WhatsApp scam are now using text messages to target victims, fraud expert warns - as figures reveal how Britons have been tricked into ha...

It has been reported that two companies based in Luxembourg are grappling with an alleged ransomware attack that began last week, the latest in a string of incidents involving European energy compani...

In response to the spate of cyberattacks that Taiwan has suffered over the last day, cyber security experts reacted below....

It has been reported that cybersecurity researchers have uncovered a set of 3,207 mobile apps that are exposing Twitter API keys to the public, potentially enabling a threat actor to take over users'...

The BlackCat ransomware gang claims to have hit the Natural gas pipeline company Creos Luxembourg S.A. last week, a natural gas pipeline and electricity supplier. Creos’ owner, Encev...

Researchers at CloudSEK have uncovered 3,207 apps, leaking Twitter API keys, that can be utilized to gain access to or to take over Twitter accounts. These apps were leaking legitimate Co...

Cybersecurity researchers at Proofpoint have today released new research showing threat actors adopting new tactics in response to Microsoft’s announcements that it would block macros by defau...

...

Gigamon released its State of Ransomware 2022 and Beyond report aimed at providing insights into how the threatscape is evolving and how the severity of the ‘blame culture’ in cybersecurity is es...

Following the news that: A ‘top tier’ hacking gang is likely to be behind Entrust ransomware attack Entrust ransomware attack likely to be work of 'top tier' hacking gang (techmonitor.ai)...

It has been reported that the LockBit ransomware crew is claiming to have stolen 78GB of data from Italy's tax agency and is threatening to leak it if a ransom isn't paid by July 31. The notorious ga...

Following the news that Twitter suffered a data breach that saw 5.4 million users’ details leaked online please find a comment below from Cyber security experts. The comment covers how the attac...

PrestaShop, an open-source e-commerce platform hosting over 300,000 shops, announced attackers have exploited a major vulnerability to inject malicious code into servers running PrestaShop websites....

Passwordless authentication does not equate to biometrics in the workplace Passwordless authentication does not equate to biometrics in the workplace | Biometric Update...

Uber has admitted to covering up a massive cybersecurity attack that took place in October 2016, exposing the confidential data of 57 million customers and drivers, as part of a settlement with the U...

As reported by TechCrunch, Indian online insurer Policybazaar said on Sunday that it was subject to an unspecified security incident but found that “no significant” customer data was exposed —...

Avast recently discovered a zero-day vulnerability in Google Chrome (CVE-2022-2294) when it was exploited in the wild in an attempt to attack Avast users in the Middle East in a highly targeted way....

As reported by The Times, US authorities have offered a $15 million (€14.7 million) reward for information leading to the arrest or conviction of members of the Conti group, the criminals blamed fo...

According to CyberNews, Microsoft Teams has over 270 million active monthly users, with government institutions using the software in the US, UK, Netherlands, Germany, Lithuania, and other countries...

Exactly as predicted in January on HackerOne, a Twitter vuln that allows attackers to access phone numbers and email address associated with Twitter accounts has been used and the data is for sale on...

It has been reported that flaws discovered in a GPS device used in fleet management could allow attackers to remotely disrupt operations and surveil vehicle movements, the U.S. Cybersecurity and Inf...

Following the news that:  Minecraft DOWN: Server status update, as fans hit with authentication issues Minecraft DOWN - Server status update, as fans hit with authentication issues | Gaming |...

Following the news that: Thailand admits to using phone spyware, cites national security Thailand admits to using phone spyware, cites national security | 93.3 The Drive (933thedrive.com)...

A new Recorded Future threat analysis reveals that  300 restaurants and at least 50,000 payment cards have been compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPO...

The Cyberspace Administration of China said it fined Didi 8.026 billion yuan ($1.19 billion) after deciding the company violated China’s network security law, data security law, and personal inform...

It has been reported that the virtual pet website Neopets has suffered a data breach leading to the theft of source code and a database containing the personal information of over 69 million members....

As reported by SecurityAffairs, in September 2021, the Conti ransomware gang hit high society jeweller Graff and threatens to release private details of world leaders, actors and tycoons. Graff de...

The UK technology sector has a talent shortage which could "stifle growth", an industry body has warned. Liz Scott, from TechNation, said it was "a real issue" which must be rectified. There were m...

The Daily Dot is reporting that mental health app Feelyou patched a vulnerability this weekend that saw the email addresses for its nearly 80,000 exposed online. Up until last week…, anyone coul...

In response to reports that a synchronized criminal attack from abroad hit Albania over the weekend, all Albanian government systems shut down following the cyberattack, cybersecurity experts reacte...

The Wordfence Threat Intelligence team is reporting on a sudden increase in attack attempts targeting Kaswara Modern WPBakery Page Builder Addons. This is an ongoing campaign targeting an arbitrary...

It has been reported that a major cybersecurity bug detected last year in a widely used piece of software is an “endemic vulnerability” that could persist for more than a decade as an avenue for...

U.S. FTC Vows to Crack Down on Illegal Use and Sharing of Citizens' Sensitive Data U.S. FTC Vows to Crack Down on illegal Use and Sharing of Citizens' Sensitive Data (thehackernews.com)...

Security Affairs reported on a Microsoft analysis of a large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and...

The U.S. Department of Homeland Security (DHS) has released the first report by the Cyber Safety Review Board (CSRB), which includes 19 actionable recommendations for government and industry to addre...

Pluralsight – the workforce technology development platform has today released its latest data – from June 2022 – around the most popular technology courses across different in-demand skills....

...

Australian university, Deakin, has suffered a data breach affecting nearly 47,000 current and past students, following a smishing attempt after a member of staff’s username and password was hacked....

Not sure you're a huge gamer, but Bandai Namco, publisher of Dark Souls, Elden Ring and Soulcalibur, has confirmed it was the target of a ransomware attack by cybergang, Black Cat. This will cripp...

According to a recent post from Microsoft, a large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped t...

The Virginia Commonwealth University (VCU) health system suffering a data breach. Information security experts reacted below on what went wrong and how to protect against such breaches....

Global video game publisher Bandai Namco – known for games including Pac-Man and Elden Ring – has reportedly been hit by a ransomware attack according to the cyber security site VX-underground,...

...

It's extremely rare for hackers, who operate in the digital world, to cause damage in the physical world. But a cyber-attack on a steel maker in Iran two weeks ago is being seen as one of those signi...

NordVPN recently released research that found despite the crash of crypto currencies of late, scams and fraud has soared....

...

Maintaining a sustainable strengthened cyber security posture Maintaining a sustainable strengthened cyber security posture - NCSC.GOV.UK...

Following the news of Microsoft’s decision to roll back its default disabling of Office Macros, expert commented below....

A Ransomware attack hit Goa’s flood monitoring system according to the Hindustan Times, which reports that the state government’s water resources department that maintains the data said that al...

Marriott Hotels has been the victim of a third data breach in four years, according to reports. It is clear that today's businesses are way off the mark when it comes to responsible resilience ag...

Followings the EU's agreement on the Digital Markets Act last night, the world’s farthest reaching law to address Big Tech's monopoly, cyber security experts reacted below. The act will stop t...

It has been reported that Marriott International Inc. has suffered yet another data breach, the second time the hotel chain has had data stolen this year. Initially reported by DataBreaches.net, an...

It has been reported that an ITV News investigation into cyber security at UK public services has revealed an enormous disparity in defence budgets, hundreds of potential website vulnerabilities an...

Bloomberg reported that unknown cyber criminals claim to have stolen data on up to a billion Chinese residents after breaching a Shanghai police database. It is said to be the largest cybersecurity b...

Following the news of a cyber attack on the British Army, please find comments below by cybersecurity experts explain how organisations can learn from high-profile attacks and protect against hacke...

Following the news that:  Marqeta Expands Credit Platform with 40 New APIs Marqeta Expands Credit Platform with 40 New APIs | PYMNTS.com...

Researchers at Lumen’s Black Lotus Labs are reporting on a newly discovered multistage remote access trojan (RAT) dubbed ZuoRAT. The RAT has been used to target remote workers via small office/home...

Geographic solutions ransomware attack impacts unemployment programs nationwide, security experts commented below....

Remote working and rise in ransomware drive IT leaders to manage risk with mandatory encryption Nearly three quarters require encryption of data held on removable media  The number of UK...

In light of the news that Macmillan, one of the largest book publishers in the US have been hit by a ransomware attack, security experts commented below....

Following the news that:  45% of Financial Services Customers Are Very Comfortable Using Non-Password Login Methods Customers Are Comfy Not Using Passwords | PYMNTS.com...

Cybersecurity leaders are anticipating mass resignations within the year - here's why Cybersecurity leaders are anticipating mass resignations within the year - here's why | ZDNet...

It has been reported that a new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a syst...

OpenSea, the largest NFT marketplace with more than $20 Billion in trading volume, disclosed a data breach Wednesday, warning users of phishing attacks that could target them due to a recent breach o...

The one-year anniversary of the Kaseya ransomware attack is just around the corner on July 2nd. As we look back, cybersecurity leaders are able to analyze the events leading up to and during the atta...

According to a new report from Tetra Defense, the Root Point of Compromise (RPOC) for attacks against U.S. companies was external exposure. Patchable and preventable external vulnerabilities were fou...

As reported by BBC News, Ruja Ignatova, also known as the "missing Cryptoqueen", has been placed on the FBI's top 10 most wanted list. The Bulgarian woman, believed to be in her 40s, is wanted for he...

It’s being reported that the emerging Black Basta ransomware gang has managed to hit close to 50 organisations in Anglophone countries since it started operations a few months ago, and appears to...

As you may know, Russian hacker group Killnet told Reuters that it was continuing a major cyber attack on Lithuania on Tuesday in retaliation for Vilnius's decision to cease the transit of some good...

Avast, a global leader in digital security and privacy, has discovered an online community of minors constructing, exchanging and spreading malware, including ransomware and a mix of information st...

Cyble Research Labs observed over 900,000 Kubernetes exposures across the internet. … it emphasizes the existence of seemingly simple misconfiguration practices that might make companies lucrati...

Verizon recently released its 2022 Data Breach Investigations Report, giving businesses vital insights into the state of cybersecurity around the world. It contains an analysis of over 23,000 inciden...

AMD said it is investigating a potential data breach after RansomHouse, a relatively new data cybercrime operation, claims to have extorted data from the US chipmaker....

Following the FBI’s warning around criminals using deepfakes to apply to remote jobs, Information security experts reacted below highlighting the danger of deepfakes....

...

As reported in news, USB stick containing an entire city’s personal details has been lost by a Japanese man, Industry leaders reacyed below....

Global search trend data highlights 20,000 Google enquiries [per month/per year] for ‘how to know if your phone is hacked’, and so experts at Bespokesoftwaredevelopment.com chose to provide a tho...

Today is the five-year anniversary of NotPetya. We asked the following question to InfoSec experts and below are the responses: What do you think of five year anniversary of NotPetya?...

Following the news that:  Russian hackers claim responsibility for cyberattack on Lithuania Russian hackers claim responsibility for cyberattack on Lithuania | Cybersecurity News | Al Jaze...

The recent cyberattack on Wiltshire Farm Foods highlights the damaging impact of cyber threats on business continuity.  The company is “unable to make many deliveries in the next few days” and...

Please find below some comment from Jamal Elmellas, Chief Operating Officer (COO), of Focus-on-Security, the cybersecurity recruitment agency in response to the UK government’s press release on...

It has been reported that Android smartphone and tablet users are set to get a neat new way to ensure they never lose track of all their important passwords. As spotted by 9to5Google, Android use...

Following the news of Yodel’s cyber incident, please find comment below from Industry leaders....

In a recent poll* of 500 US identity and security professionals the non-profit Identity Defined Security Alliance (IDSA) found that 84% had an identity-related breach in the past year, with 78%  e...

A security report produced by Forescout's Vedere Labs that has revealed a set of 56 vulnerabilities that are collectively called Icefall and impact operational technology equipment used in vario...

Black Cloak released their study today,  Examining the Modern Attack Surface: Quantifying the Risks to Individuals and the Enterprise. The study reveals just how shockingly vulnerable C-suite execs...

News is breaking that delivery firm Yodel, is suffering from a cyber-attack disrupting their services. The full nature of the attack is still unclear, although prominent cyber security expert Kevin B...

Cybersecurity researchers at Proofpoint have today released their 2022 Social Engineering report, which analyses the key trends and techniques of socially engineered cyber threats observed over the p...

A flaw in the popular fitness app Strava has recently allowed threat actors to uncover the location and movements of Israeli officials at secret bases.  The full story can be read here: https:...

Flagstar Bank, a Michigan-based financial services provider and one of the largest banks in the United States, has disclosed a data breach impacting 1.5 million customers....

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonate...

Following the news that: 93% of Kubernetes users struggle with security 2022 state of Kubernetes security report (redhat.com)...

Derived from News Release Summary: The U.S. DOJ, together with law enforcement partners in Germany, the Netherlands and the United Kingdom, have dismantled the infrastructure of a Russian botnet k...

CNBC - SAN FRANCISCO — Fraudsters who exploit LinkedIn to lure users into cryptocurrency investment schemes pose a “significant threat” to the platform and consumers, according to Sean Ragan, t...

As reported by Security Brief, a two-month-long investigation by INTERPOL between March and May this year involved 76 countries and clamped down on organised crime groups behind telecommunications an...

As reported by Neowin, couple of weeks ago, people started noticing that apps such as Outlook, Thunderbird, and other email clients started prompting them for their Google passwords. When they would...

Researchers at Digital Shadows report having collected over 24 billion usernames and passwords from the dark web – an increase of 65% in just two years. Even after removing duplicates, they still f...

Akamai security researchers have released discovery on Panchan, a new peer-to-peer botnet and SSH worm that emerged in March and has been actively breaching Linux servers since. Panchan, written in G...

Following the Department of Energy’s report released yesterday on National Cyber-Informed Engineering Strategies, experts commented below....

Following the news that the Department for Work and Pensions has been knowingly sending people the wrong pension amounts due to an IT system error for the last twenty years, industry leaders reacted...

Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 or Microsoft 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive in a way that makes t...

Microsoft has made the announcement that it will acquire cyber threat analysis and research company, Miburo....

It has been reported that web performance firm Cloudflare says it mitigated a record-breaking distributed denial of service (DDoS) attack last week that peaked at 26 million request per second (...

Researchers at Aqua Security discovered that “tens of thousands of user tokens” are exposed through the Travis CI API allowing access to more than 770 million logs containing credentials for as G...

New research, released today by Arctic Wolf has discovered that UK cybersecurity professionals are overworked and lacking in confidence to stop cyberattacks. The research found that UK organisations...

Interpol has just announced a 76-nation operation to crack down on fraud, including telecommunications or scamming fraud, particularly telephone deception, romance scams, e-mail deception, and conne...

A new study shows Australia is experiencing an unprecedented surge in online scams with a record $324 million stolen in 2021, up from $176 million in 2020, marking an 84% increase. Australian Capi...

...

...

The Internal Revenue Service has declared spear phishing to be the 8th item on the 2022 "Dirty Dozen" scams warning, adding that even after tax season has passed, "Spear phishing remains one of the b...

Following the release of the UK’s Digital Strategy, please see below comments from cyber security expert....

A new study from BestBitcoinExchange.io has assessed which of the top crypto exchanges have suffered the worst hacks in the past, which are the safest to trust going forward, and which should be avoi...

Log4j was one of the most widespread vulnerabilities of all time - however, 6 months after a patch arrived, the problem has not disappeared. Fresh data from Darktrace competitor ExtraHop, shows that...

According to a Cloud Security Alliance survey on cloud security issues, insufficient identity, credential, access and key management for privileged accounts is the top concern around cloud cybersecur...

According to the verge.com Google Chrome has built-in phishing detection that scans pages to see if they match known fake or malicious sites (using more than just the URL, since scammers rotate tho...

Microsoft forgot to renew the certificate for its Windows Insider subdomain over the weekend, causing an outage and disruption for those trying to use the platform. Users who attempted to visit the W...

It has been reported that Apple has announced plans to move towards a passwordless future. At Apple’s Worldwide Developer Conference, the company announced it will launch passwordless logins ac...

In The Human Factor Report 2022, security vendor Proofpoint found that SMS phishing (smishing) attacks more than doubled year-on-year in 2021. The report is based on their analysis of over 2.6 billi...

...

Big moves have been made for Government security today, with the MoD announcing the acquisition of its first quantum computer- storming ahead in the quantum arms race. With the development of quantu...

Babble enlists the help of a Twitter poet to encourage the technology sector to cut the jargon  The technology sector’s widespread use of unnecessary jargon and technobabble is stopping peo...

An Australian court on Monday ordered Google to pay a former lawmaker A$715,000 ($515,000), saying its refusal to remove a YouTuber's "relentless, racist, vilificatory, abusive and defamatory" videos...

Following the news that: Italian city of Palermo shuts down all systems to fend off cyberattack Italian city of Palermo shuts down all systems to fend off cyberattack (bleepingcomputer.com)...

New statistics reveal that cybercriminals are now spending longer inside businesses' internal networks after their initial breach, having a 36% increase in attacker dwell time compared to 2021....

Shields Health Care Group has suffered a data breach affecting two million patients. Although the organization claims that no information accessed in the breach has been “misused or disseminated,�...

As reported by PC Mag, Apple previewed a new passwordless login scheme called Passkey at its Worldwide Developer Conference (WWDC). Darin Adler, VP of Internet Technologies at Apple, pitched Passkey...

Full of high stakes and thrilling escapades, heist films are perfect for any movie buff. The Vault (2022), directed by Jaume Balaguero, premiered in the UK this March. The film follows a group of mas...

Apple says that its App store safety mechanisms blocked $1.5 billion in fraudulent App Store transactions, 1.6 million risky and vulnerable apps, and app updates from defrauding users. Since the bad...

Cyber eason has today published results of its second annual ransomware study during a year of unprecedented attacks to better understand the true impact on businesses. This global study reveals th...

In light of the critical Atlassian zero-day (CVE-2022-26134) that’s just making headlines, Information Security Experts emphasis why it is better time to move to cloud but what do you think?...

Securi researchers are reporting that The Parrot traffic direction system (TDS) that came to light earlier this year on more than 16,500 infected sites has had a larger impact than previously thought...

As reported by BBC News, digital fingerprints of a million images of child sexual abuse have been created, the Internet Watch Foundation has said. The UK charity, which is responsible for finding...

It has been reported that the German financial regulator BaFin issued a fresh cyber security warning on Tuesday to the nation's financial sector due to the war in Ukraine following a recent increase...

EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently disclosed critical vulnerabilities in web servers, content management sys...

Costa Rica’s public health service, known as the Costa Rican Social Security Fund (CCSS), has been forced to take its systems offline after being hit by Hive ransomware....

According to a new Sophos report, State of Ransomware in Healthcare 2022, twice as many healthcare organizations paid the ransom in 2021 vs 2020. Though they paid the ransom, only 2% got all of their...

Researchers at IBM's X-Force team are reporting a 94% reduction in the duration of an enterprise ransomware attack from 2019 to 2021. Though the overall time was reduced, the attacker’s tools appea...

It has been reported that Vodafone is piloting a new advertising ID system called TrustPid, which will work as a persistent user tracker at the mobile Internet Service Provider (ISP) level. The new s...

Following the news that: Third of UK Firms Have Experienced a Security Breach Since 2020  https://www.infosecurity-magazine.com/news/third-uk-security-breach-2020/...

Following the exposure of the Microsoft Office vulnerability mentioned yesterday by the SANS Institute, the vulnerability has been named Follina, and Microsoft is aware of it. Researchers at the S...

The Federal Trade Commission is taking action against Twitter, Inc. for deceptively using account security data for targeted advertising. More on the story here: https://www.ftc.gov/news-events/ne...

Following the news that:  DuckDuckGo browser allows Microsoft trackers due to the search agreement [U] DuckDuckGo Working with Microsoft Concerning Browser Privacy - The Mac Observer...

Amid the news that two thirds of British companies have been targeted by fraudsters in the past two years, it's been revealed that cyberattacks are the most common crime....

In light of the news that CISA has added 41 vulnerabilities to its catalogue of known exploited flaws please see the below comments from the expert....

Please see comment by Industry leaders on the anniversary of GDPR. The comment focuses on how poor identity access management can lead to GDPR fines, and why organizations need to invest in Identity...

The 2022 Verizon Data Breach Investigations Report has been released and the study provides an analysis on security breaches and attack vectors from the last year. https://www.verizon.com/business...

Following the news that US Car Giant General Motors was hit by a credential stuffing attack last month that exposed customer information and allowed hackers to redeem points for gift cards, informati...

Following the news that:  Facial recognition company Clearview AI fined £7.5m for illegally using images of Brits scraped from online Facial recognition company Clearview AI fined £7.5m...

Privacy and data security experts commented on data breach news from Chicago: Chicago Public Schools says ransomware attack affects nearly 500,000 students and 56,000 employees...

Following the news that:  Anonymous Declares Cyber-War on Pro-Russian Hacker Gang Killnet Anonymous declares cyber war against pro-Russian hacker group Killnet (msn.com)...

Cyberwarfare is taking on a new meaning as the Costa Rican president announces “we’re at war” with renowned ransomware group Conti, following extortionate ransom demands from the government....

Ransomware gang, Conti, is demonstrating its growing political power, as Costa Rican President calls smaller nations to action. ...

In the wake of Russia’s invasion of Ukraine and the shift to hybrid working, the Institute of Directors has found that 72% of business leaders view cyber risk as a significant concern for their org...

According to the 2022 Imperva Bad Bot Report, bots accounted for almost 28% of global web traffic in 2021. The Imperva Threat Research team estimates that 27.7% of online traffic is bad bots. These b...

As reported by BBC News, modern "smart" farm machinery is vulnerable to malicious hackers, leaving global supply chains exposed to risk, experts are warning. It is feared hackers could exploit flaws...

It has been reported that MITRE has built a prototype framework for information and communications technology (ICT) that defines and quantifies risks and security concerns over the supply chain - in...

Following the news that:  Web Tracker Caught Intercepting Online Forms Even Before Users Hit Submit https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html...

It has been reported that the notorious Conti ransomware gang has officially shut down its operation, with infrastructure taken offline and team leaders told that the brand is no more. This news com...

Media giant Nikkei’s Asian unit has been hit by a ransomware attack. While the extent of the attack and whether or not customer data was leaked is still unknown, Nikkei has been forced to shut down...

It has been reported that multinational company Omnicell recently confirmed that it had experienced a data breach following a reported ransomware attack, impacting internal systems. The company, head...

In a newly reported data leak, Social Security numbers, addresses, names, dates of birth, and phone numbers were accessible on the Texas Department of Insurance website: State website exposed 1.8 mil...

According to The Telegraph, Britain’s Attorney General Suella Braveman will argue in a speech to Chatham House today that international law applies equally to equally in the cyber world as in the r...

Research from Onfido demonstrates the emotional cost of fraud is a breakdown of trust between consumers and brands Onfido, the leading global digital identity verification and authentication provi...

Researchers at NCC Group have created a new type of Bluetooth Low Energy (BLE) relay attack that can bypass existing relay attack protections. Excerpts: The Tesla Model 3 and Model Y employ a Blue...

FLASH # MC-000170-MW details how cyber actors have been observed scraping credit card data from US business’ online checkout pages and maintaining persistence by injecting malicious PHP code. Su...

Information Security experts commenting on news that the NSA Swears It Won't Allow Backdoors in New Encryption Standards. The genesis is comments made by the NSA Director of Cybersecurity last week...

A joint security advisory from multiple national cybersecurity agencies, across the United States, Canada, New Zealand, the Netherlands, and the United Kingdom, has been released and it includes guid...

Multinational company Omnicell recently confirmed that it had experienced a data breach following a reported ransomware attack, impacting internal systems. The company, headquartered in Mountain V...

In light of the ongoing speculation around Musk’s Twitter takeover and how it could be dependent on verifying the number of bot accounts, please see below for a comment from Industry leader about...

Kaspersky has released a new report, “How business executives perceive the ransomware threat” showing that in 88% of organizations around the world that were previously attacked by ransomware, b...

The Irish Council for Civil Liberties (ICCL) is reporting on the scale of Real-Time Bidding data broadcasts in the U.S. and Europe.    Key insights  RTB is the biggest data breach ever r...