by Shantanu Bhattacharya Posted on February 20, 2025 | Originally published on RSAC Conference 🔗 Read the original article on RSAC Conference In today’s digital-first business landscape, Chief Experience Officers (CXO) are frequently on the move, driving business growth outside the organization’s secure network perimeter. …
Information Security News Ghost Ransomware Targets Orgs in 70+ CountriesDark Reading by Elizabeth MontalbanoGhost ransomware continues to pose a significant threat globally, now targeting organisations in over 70 countries. This ransomware variant is particularly insidious due to its ability to encrypt data swiftly and demand …
As cybersecurity regulations tighten, AI is transforming the CISO’s role, automating audits, enhancing risk assessments, and ensuring real-time compliance with NIS2, DORA, and the AI Act. While AI streamlines security governance, challenges around transparency and bias remain. This article explores how Retrieval-Augmented Generation (RAG) enhances traceability and reliability in cybersecurity compliance.
How I separate noise from real risk… I’ve been asked numerous times how I select the threat groups I write about – why one and not another. So, I thought I’d take a perfectly good Sunday afternoon to share. MITRE currently tracks at least 133 …
The Caribbean is taking significant strides in enhancing its cybersecurity resilience through regional collaboration, strategic planning, and proactive policy-making. With the increasing prevalence of cyber threats, nations in the region are working together to strengthen digital security and combat cybercrime. Regional Collaboration and Cyber Resilience …
Information Security News Joint Letter on the UK Government’s use of Investigatory Powers Act to attack End-to-End EncryptionGlobal Encryption Coalition by Ryan Polk The Global Encryption Coalition is actively opposing the UK government’s utilisation of the Investigatory Powers Act to erode end-to-end encryption, asserting that …
In a recent feature from (In)Securities, Bill Toulas of BleepingComputer highlighted an emerging cyber threat known as “syncjacking.” This method exploits the synchronization features of browsers like Chrome to hijack user sessions across devices. By seducing users into installing malicious extensions, attackers gain access to …
Information Security News Thai authorities detain four Europeans in ransomware crackdown Cyberscoop by Greg OttoIn a coordinated operation, Thai authorities arrested four European nationals in Phuket, suspected of orchestrating Phobos ransomware attacks. The individuals allegedly extorted approximately $16 million in Bitcoin from over 1,000 victims …
Opinion: Disinformation, Attacks on Society, and Our Responsibility as Infosec Professionals
The world’s full of information-borne threats to society – from active baddies to those who support them. As professionals, there is a lot we can and should do to stop these.