Information Security News 89% of Enterprise GenAI Usage Is Invisible to Organizations, Exposing Critical Security Risks The Hacker NewsA new report reveals that a staggering 89% of generative AI usage within enterprises remains undetected, exposing organisations to severe security risks. This covert AI activity can lead to significant data breaches and compromise system integrity. To […]
cybersecurity
Safer Internet Day: The Business Model of Cyber Attacks in the Digital Era by Saba Bagheri, PhD
Every year, Safer Internet Day reminds us of the importance of making the internet a safer place for everyone. Initially conceived as a tool to connect people and make life more convenient, the internet has evolved into a cornerstone of modern living. Yet, it has also become a breeding ground for a darker reality: the […]
Week 9 – Palo Alto PAN-OS Authentication Bypass
03-10 March 2025 Palo Alto PAN-OS authentication bypass exploited in the wild: CVE-2025-0108 This week’s #CVEofTheWeek is about an actively exploited critical Authentication Bypass vulnerability in Palo Alto PAN-OS. PAN-OS is the software that runs all Palo Alto Networks Next-Generation Firewalls (NGFW). The high-level properties of this CVE are very familiar to last year’s CVE-2024-0012. […]
DeepSeek: Revolutionizing Operational Technology by Rupesh Shirke
In today’s fast-paced industrial landscape, the integration of advanced technologies in operational processes is no longer optional; it’s essential. DeepSeek stands at the forefront of this transformation, offering innovative solutions that enhance efficiency, safety, and productivity across various sectors. At its core, DeepSeek leverages cutting-edge artificial intelligence and machine learning algorithms to analyze vast amounts […]
Smart Security Everywhere: Empowering CXOs with Always-On Protection
by Shantanu Bhattacharya Posted on February 20, 2025 | Originally published on RSAC Conference 🔗 Read the original article on RSAC Conference In today’s digital-first business landscape, Chief Experience Officers (CXO) are frequently on the move, driving business growth outside the organization’s secure network perimeter. However, this mobility comes with a significant risk: their laptops, […]
Cyber (In)Securities – Issue 126
Information Security News Ghost Ransomware Targets Orgs in 70+ CountriesDark Reading by Elizabeth MontalbanoGhost ransomware continues to pose a significant threat globally, now targeting organisations in over 70 countries. This ransomware variant is particularly insidious due to its ability to encrypt data swiftly and demand ransoms, leading to severe disruptions across multiple sectors. The widespread […]
Cybersecurity Developments in the Caribbean: Regional Collaboration and Strategic Growth by Dale Connell
The Caribbean is taking significant strides in enhancing its cybersecurity resilience through regional collaboration, strategic planning, and proactive policy-making. With the increasing prevalence of cyber threats, nations in the region are working together to strengthen digital security and combat cybercrime. Regional Collaboration and Cyber Resilience Strategy In January 2025, cybersecurity experts from The Bahamas, Barbados, […]
Cyber (In)Securities – Issue 125
Information Security News Joint Letter on the UK Government’s use of Investigatory Powers Act to attack End-to-End EncryptionGlobal Encryption Coalition by Ryan Polk The Global Encryption Coalition is actively opposing the UK government’s utilisation of the Investigatory Powers Act to erode end-to-end encryption, asserting that this undermines both personal privacy and national security. An open […]
Your Browser’s Betrayal:Understanding Syncjacking Attacks
In a recent feature from (In)Securities, Bill Toulas of BleepingComputer highlighted an emerging cyber threat known as “syncjacking.” This method exploits the synchronization features of browsers like Chrome to hijack user sessions across devices. By seducing users into installing malicious extensions, attackers gain access to synced data, including passwords, browsing history, and authentication tokens. With […]
Cyber (In)Securities – Issue 124
Information Security News Thai authorities detain four Europeans in ransomware crackdown Cyberscoop by Greg OttoIn a coordinated operation, Thai authorities arrested four European nationals in Phuket, suspected of orchestrating Phobos ransomware attacks. The individuals allegedly extorted approximately $16 million in Bitcoin from over 1,000 victims globally. The operation, codenamed “Phobos Aetor,” involved raids across multiple […]