Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - Archives for Kirsten Doyle - Page 3

Kirsten Doyle

Kirsten Doyle

Information Security Buzz News Editor

Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.

Tenable warns AI adoption is outpacing governance as cloud exposure risks surge

Kirsten DoyleMay 15, 20264 Mins Read

A new report from Tenable is warning that organizations are creating what it describes as a growing “AI exposure gap,” as enterprises race to deploy AI tools and cloud-native services faster than security and governance teams can keep up. The “Cloud and AI Security Risk Report 2026” examined telemetry data gathered from public cloud and enterprise ecosystems from April to October 2025, while the AI-related data was taken until December 2025. The findings revealed that many organizations were unknowingly increasing their attack surface via overprivileged AI identities, vulnerable third-party libraries, and cloud credentials. In addition to those findings, 18% of enterprises had identities…

Read More

Microsoft patches 138 vulnerabilities as AI-driven discovery accelerates

Kirsten DoyleMay 14, 20265 Mins Read

Microsoft is poised to set a new record for yearly patching by having released patches for over 130 vulnerabilities as part of its May Patch Tuesday release, pushing Microsoft’s total number of patched vulnerabilities to over 500 in just five months in 2026. Researchers at Microsoft and other organizations said that AI-enabled vulnerability discovery systems have greatly accelerated and amplified the process of discovering security flaws. There were about 137 to 138 security updates issued by Microsoft addressing 30 critical vulnerabilities, as well as various other vulnerabilities including those that could allow remote code execution and privileges elevation on Azure DevOps, DNS, Netlogon, Office, and Windows networking…

Read More

Foxconn confirms cyberattack following Nitrogen ransomware claims

Kirsten DoyleMay 14, 20263 Mins Read

Foxconn has confirmed that several of its North American factories were hit by a cyberattack, after the Nitrogen ransomware group claimed to have stolen 8TB of data comprising more than 11 million files. According to the bad actor, the information supposedly obtained contains private directives, project details, technical drawings, and related project documents that pertain to companies such as Intel, Apple, Google, Dell, and Nvidia. These claims have not been independently verified yet. In a statement shared with media outlets, Foxconn acknowledged the breach and confirmed that attackers had stolen 8TB of data and more than 11 million documents. Some of the company’s factories in North America…

Read More

Canvas cyberattack disrupts universities as ShinyHunters threatens massive data leak

Kirsten DoyleMay 12, 20267 Mins Read

An attack on the popular Instructure Canvas learning management system has caused major disruptions for schools and universities in the US, just as students gear up for finals. This poses a serious threat to the personal data of millions of students and teachers. Multiple institutions reported outages affecting the web-based Canvas platform on Thursday, with users encountering ransom messages posted directly to school Canvas homepages. According to Instructure, Canvas serves more than 30 million active users worldwide. The company’s public status page showed that while most services had been restored by late Thursday, Canvas Beta and Canvas Test remained in maintenance mode. The…

Read More

Zara Owner Inditex Confirms Customer Data Breach Affecting Nearly 200,000 People

Kirsten DoyleMay 11, 20263 Mins Read

Fashion retailer Inditex, the parent company of Zara, has confirmed unauthorized access to customer transaction databases hosted by a third-party provider. Data breach notification service Have I Been Pwned said approximately 197,400 unique email addresses were included in the leaked dataset. The company said it had launched security protocols and notified the relevant authorities following the incident, Reuters reports. It was reported that the data leak included customers’ email addresses, purchase history, order IDs, product information, and support ticket information. Inditex confirmed that passwords, payment card information, and physical addresses were not breached, and their internal operations and systems remained untouched. BleepingComputer reports linked…

Read More

Online Safety Act failing to deliver “step change” for children, report warns

Kirsten DoyleMay 11, 20264 Mins Read

A new report published by Internet Matters, reveals that the Online Safety Act (OSA) in the UK, although bringing visibility of online safety tools, does not seem to be living up to expectations of providing the much-needed “meaningful protection from harm.” In their report titled The Online Safety Act: Are Children Safer Online?, Internet Matters has highlighted a dual image of success and continued vulnerability. Age verification checks, reporting tools, warnings, and parental controls are being observed on social networking sites, games, and other online platforms. Approximately 68% of parents and children claim to have witnessed these changes  Families embraced many of these changes. Kids especially appreciated…

Read More

Trelix admits breach on a ‘portion’ of its source code repository

Kirsten DoyleMay 7, 20262 Mins Read

Trellix has disclosed unauthorized access to a portion of its source code repository.   However, it did not specify which portion of its source code was accessed, nor did it provide many further details about the incident. “Upon learning of this matter, we immediately began working with leading forensic experts to resolve it. We have also notified law enforcement,” the company said in a statement. Based on its investigation to date, Trellix added that is has found no evidence that its source code was released, its distribution process was affected, or that its source code has been exploited.   “As part of our commitment to our broader security community, we intend to share further details as appropriate once our investigation is complete.” Ben Ronallo, Director of Security Operations at Black…

Read More

Microsoft Edge Found Holding Saved Credentials in Plaintext Memory

Kirsten DoyleMay 6, 20263 Mins Read

Security researcher Tom Jøran Sønstebyseter Rønning, posting as @L1v1ng0ffTh3L4N, has revealed that Microsoft Edge decrypts every saved password at startup and holds all of them in process memory, in cleartext, for the entire browser session. He says this includes passwords for sites the user is visiting as well as every credential the user’s ever saved. The passwords are held in memory from the moment Edge opens. The assumption behind the technical behaviour Uzair Gadit, Founder & CEO, of Secure.com, says: “What makes this Edge finding unusual is not just the technical behaviour, it is the assumption behind it. Users are told to follow best practices, use strong passwords and use a password manager, and they…

Read More

US weighs slashing vulnerability patching deadlines as AI-driven threats accelerate 

Kirsten DoyleMay 6, 20266 Mins Read

There are discussions in US cybersecurity circles to radically shorten the time given to government agencies to fix software vulnerabilities currently being exploited, especially amid concerns about the growing use of artificial intelligence-based attacks.  According to a report by Reuters, there are talks of reducing the time frame from the current two or three weeks down to just three days, dramatically raising the pace of defensive operations across government systems. These conversations, initiated by CISA and the Office of the National Cyber Director, have been spurred by an increasing sense of unease regarding more advanced AI models like Anthropic Mythos and GPT-5.4-Cyber. These models are expected to significantly reduce the window during which any vulnerabilities can be detected and exploited, reducing attack times from…

Read More

Copy Fail lands in CISA KEV as actively exploited Linux flaw threatens widespread privilege escalation

Kirsten DoyleMay 5, 20267 Mins Read

The Cybersecurity and Infrastructure Security Agency (CISA) has added another Linux kernel vulnerability, CVE-2026-31431, also known as Copy Fail, to the Known Exploited Vulnerabilities (KEVs).   Inclusion in the list implies active real-world attacks and increases the priority of patches. This particular vulnerability, which has been affecting almost all major Linux distributions since 2017, involves transferring resources incorrectly between security domains and allows local users to escalate privileges to root access.  Experts emphasize the danger associated with this vulnerability, especially because of its reliability, undetectability, and cross-environment nature. Threat actors can abuse this vulnerability to tamper with memory data without any traces on the disk. Microsoft researchers…

Read More
Previous 1 2 3 4 5 … 60 Next
ISB-Bora-Side-Bar

No se ha podido establecer conexión. Error 429

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}