Tag: GRC

Cyber (In)Securities – Issue 153 

“What happens to Heroes ?” EPISODE #3: The short story long by Didier Annet

The Psychological Impacts of Cyberattacks

This is the third episode of a story related to individuals who, in a matter of moments, transition from “employees” to “rescuers” in the immediate aftermath of a destructive cyberattack. What I will call the “Heroes”

The hidden impact of 

Cyber (In)Securities – Issue 137

Information Security News

1. Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed
The Register – Thomas Claburn

2. CoffeeLoader Malware Is Stacked With Vicious Evasion Tricks
Dark Reading – Becky Bracken

3. Phishing platform ‘Lucid’ behind wave of iOS, Android SMS attack
BleepingComputer – Bill Toulas

4. DoJ Seizes Over $8M From Sprawling Pig Butchering Scheme
Dark Reading – Kristina Beek

5. North Korean hackers adopt ClickFix attacks to target crypto firms
BleepingComputer – Bill Toulas

6. Russia-Linked Gamaredon Targets Ukraine with Remcos RAT
Security Affairs – Pierluigi Paganini

7. Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images
The Hacker News – Ravie Lakshmanan

8. Australian Kaspersky ban triggered by detection in gov agency supply chain
itNews – Ry Crozier

9. Experts Warn of the New Sophisticate Crocodilus Mobile Banking Trojan
Security Affairs – Pierluigi Paganini

10. U.S. seized $8.2 million in crypto linked to ‘Romance Baiting’ scams
BleepingComputer – Bill Toulas

11. EU plans €1.3 billion to boost continent’s cybersecurity, AI skills
SC Media – Shaun Nichols

12. ‘Incel’ accounts using self-improvement language to avoid TikTok bans – study
The Guardian – Daniel Boffey

13. Threat actor in Oracle Cloud breach may have gained access to production environments
Cybersecurity Dive – David Jones

14. BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability
The Hacker News – Ravie Lakshmanan

15. Malaysia PM Refuses to Pay $10M Ransomware Demand
Dark Reading – Kristina Beek

16. Hackers Bypass Windows Defender Security—What You Need To Know
Forbes – Davey Winder

17. ENISA space threat landscape report highlights cybersecurity gaps in commercial satellites, urges enhanced defense
Industrial Cyber News – Anna Ribeiro

18. FBI investigates cyberattack at Oracle, patient records breached
Cybernews/Reuters

19. DOGE Plans to Rebuild SSA Code Base in Months, Risking Benefits and System Collapse
Wired – Makena Kelly

ANALYSIS

20. Introduction to AI in Cyber Warfare: The Weaponisation of AI in Cyber Warfare – Part 1 of a 6 Part Series
PrivID (Substack)

21. Innovating to Improve Cybersecurity is Forever a Work in Progress
TN Global – James Ngyuen

22. Manufacturing Cybersecurity Threats Sharply Grew in 2024
Manufacturing Digital – Rachael Brown

23. Cybersecurity for Small and Medium Businesses in 2025: Challenges and Solutions
itWire – Ansel Murphy

24. The AI-Powered Erosion Of Reality: Closing The Human Vulnerability Gap In Cybersecurity
Forbes – Stephen Moore

25. Why Your Browsers Should Be At The Center Of Your Cybersecurity Strategy
Forbes – Anand Oswal

CyAN Special Feature: Behind the Keys – Women Who Secure the Future

26. Interview with Irene Corpuz, recognised as one of the ‘Top 20 Cybersecurity Woman of the World’ in 2024
CyAN Website

27. Interview with Daniela Fernandez, Division Director, Technology and Cyber Security Risk at Macquarie Group
CyAN Website

CyAN Members: NEWS

28. Dan Elliott on Behavioural Change in Cybersecurity
CyAN LinkedIn

29. CyAN Member Prabhat Pathak Passes His Certified Ethical Hacker Exam
CyAN LinkedIn – Member Spotlight

30. Bharat Raigangar to Speak at the Third Party and Supply Chain Cyber Security Summit (SCCS)
CyAN LinkedIn – Event Spotlight

Upcoming CyAN (and CyAN Partner) Global Events:

  • Supply Chain Cyber Security Summit (SCCS), Lisbon, Portugal: April 9–11
  • GITEX AFRICA, Marrakesh, Morocco: April 14–16
  • GITEX ASIA, Singapore (Marina Bay Sands): April 23–25
  • GISEC, Dubai World Trade Centre, UAE: May 6–8
  • The Cyber Outstanding Security Performance Awards (Cyber OSPAs), London, UK: May 8
  • CSG Awards 2025, Dubai: May 7
  • World AI Technology Expo, Dubai, UAE: May 14–15
  • CyAN 10th Anniversary Celebrations!
  • GITEX Europe Messe, Berlin, Germany: May 21–23
  • MaTeCC, Rabat, Morocco (The third annual North Africa cybersecurity event, hosted by CyAN partner École High-Tech): June 7–9, 2025
  • CyAN Q2 Community Call (APAC and the Gulf): June 11, 12:00 GST / 16:00 SGT / 18:00 AEST
  • CyAN Q2 Community Call (EMEA and the Americas): June 11, 20:00 GST / 18:00 CET / 17:00 UTC / 12:00 EDT

Welcome New Member – Abid Malik from Dubai

Please welcome our newest member from Dubai, Abid Malik! Abid Malik isn’t just a GRC and cybersecurity advisor—he’s a strategist who turns risk management into business opportunities. With 20+ years of experience across banking, fintech, and multinational sectors, he helps businesses strengthen security, navigate regulations, 

Cyber (In)Securities – Issue 130

Information Security News

House Passes Bill Requiring Federal Contractors to Implement Vulnerability Disclosure Policies
SecurityWeek by Eduard Kovacs
The U.S. House of Representatives has recently passed a bill that mandates federal contractors to establish vulnerability disclosure policies. This legislative move aims to strengthen the security of 

Cyber (In)Securities – Issue 129

Information Security News

Latin American Orgs Face 40% More Attacks Than Global Average

Dark Reading by Nate Nelson
Organisations in Latin America are experiencing a surge in cyberattacks, facing 40% more incidents than the global average. This alarming trend underscores the unique cybersecurity challenges in the region, exacerbated by rapid digital transformation and targeted attacks by sophisticated cybercriminals.
Latin American businesses are urged to significantly enhance their cyber defenses and implement comprehensive security strategies. Emphasising the need for advanced threat detection systems and robust cybersecurity training, these measures are crucial to mitigate escalating threats and protect vital infrastructures.

Nearly 12,000 API Keys and Passwords Found in AI Training Dataset

BleepingComputer by Ionut Ilascu
A concerning discovery in an AI training dataset has surfaced nearly 12,000 API keys and passwords, highlighting significant security vulnerabilities. This incident demonstrates the risks associated with using real-world data in machine learning projects without stringent verification and cleansing processes.
The inadvertent exposure of sensitive credentials could lead to substantial security breaches, emphasising the urgent need for robust data sanitisation protocols and enhanced privacy protection measures in AI development. Organisations must prioritize tightening their data handling practices to prevent similar vulnerabilities and protect sensitive information from potential cyber threats.

DHS Says CISA Won’t Stop Looking at Russian Cyber Threats

Cyberscoop by Tim Starks
The Department of Homeland Security (DHS) has reaffirmed its commitment to monitoring Russian cyber threats, as stated by the Cybersecurity and Infrastructure Security Agency (CISA). This comes amid escalating global tensions and increasing cyber activities from state-sponsored groups.
CISA emphasises the continuous need for vigilance and proactive measures to counter these threats effectively. The agency’s ongoing focus on Russian cyber operations underscores the critical importance of national cyber defence strategies in protecting U.S. infrastructures and maintaining cybersecurity resilience.

Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail

The Hacker News by Ravie Lakshmanan
Hackers are exploiting misconfigurations in Amazon Web Services (AWS), specifically targeting SES and WorkMail, to launch sophisticated phishing attacks. This tactic allows cybercriminals to send seemingly legitimate emails from trusted domains, significantly increasing the likelihood of successful scams.
The incidents highlight the critical vulnerabilities associated with cloud services and the necessity for stringent security practices. Organisations using AWS are urged to conduct regular security audits and tighten configurations to thwart these phishing schemes and protect sensitive data from being compromised.

EU’s New Product Liability Directive & Its Cybersecurity Impact

Dark Reading by Jatin Mannepalli
The EU’s New Product Liability Directive introduces significant changes with profound implications for cybersecurity across member states. This legislation extends liability to include digital products, compelling manufacturers to ensure higher security standards to avoid legal repercussions.
It’s designed to protect consumers from potential harms caused by digital products and services, including those related to cybersecurity breaches. This directive not only aims to enhance consumer protection but also pushes companies to adopt more rigorous cybersecurity measures, thereby elevating the overall security posture within the digital marketplace.

Microsoft Unveils Finalized EU Data Boundary as European Doubt Over US Grows

The Register by Richard Speed
Microsoft has officially finalized the EU Data Boundary, responding to increasing European concerns about data privacy and the handling of information by U.S. entities. This strategic move ensures that all personal data from European customers will be stored and processed within EU borders, aligning with stringent EU data protection regulations.
The implementation of this boundary aims to mitigate legal risks, enhance data sovereignty, and strengthen trust among European users. It reflects Microsoft’s commitment to addressing privacy concerns and adapting to global demands for more localised and secure data management practices.

UK Watchdog to Investigate TikTok and Reddit Over Use of Children’s Data

The Guardian by Robyn Vinter
The UK watchdog is set to investigate TikTok and Reddit for their handling of children’s data, raising significant concerns about privacy and protection online. This inquiry highlights potential violations of data protection laws intended to safeguard minors from misuse of their personal information on these platforms.
The investigation aims to ensure that both social media giants adhere strictly to legal standards, emphasising the importance of robust age verification processes and transparent data usage policies. This action underscores the growing urgency to protect young users in the digital landscape, where personal data is often vulnerable to exploitation.

C++ Creator Calls for Help to Defend Programming Language from ‘Serious Attacks’

The Register by Thomas Claburn
Bjarne Stroustrup, the esteemed creator of C++, has urgently called for support to defend the programming language from what he terms as ‘serious attacks’. These attacks compromise the integrity and efficiency of C++, potentially undermining its reliability and performance for developers globally.
Stroustrup emphasises the critical importance of rallying the programming community to protect C++ and maintain its foundational role in software development, impacting a vast array of applications across various industries. He stresses the potential long-term implications for technological innovation and software integrity if these challenges are not addressed effectively.

LinkedIn Scam Emails Warning

ITWire by Gordon Peters
Amid rising cybersecurity concerns, LinkedIn users are increasingly targeted by sophisticated scam emails that mimic official communications. These phishing attempts are designed to steal personal data by convincing users to click on malicious links that appear to be legitimate LinkedIn updates.
Security experts are sounding the alarm, highlighting the growing prevalence and sophistication of these scams. They strongly urge users to be vigilant, to verify the authenticity of messages, and to understand the risks to their personal information online amid these evolving cyber threats, emphasising the need for enhanced digital literacy.

Extreme Online Violence May Be Linked to Rise of ‘0 to 100’ Killers, Experts Say

The Guardian by Rachel Hall
Experts are increasingly concerned about the link between extreme online violence and the emergence of ‘0 to 100’ killers, individuals who rapidly escalate from no criminal background to committing severe acts of violence. This phenomenon is being studied as part of broader efforts to understand how digital environments influence offline behaviour.
Researchers are examining patterns in online activity that may predict these sudden violent outbursts, suggesting that early intervention could prevent potential tragedies. The focus is on creating tools and strategies to identify and mitigate these risks before they manifest in real-world violence.

Ransomware Gangs Exploit Paragon Partition Manager Bug in BYOVD Attacks

BleepingComputer by Bill Toulas
Ransomware gangs are exploiting a vulnerability in Paragon Partition Manager to conduct BYOVD (Bring Your Own Vulnerable Driver) attacks. This technique allows attackers to bypass security measures by using legitimate but flawed drivers.
Security researchers warn that this vulnerability is particularly dangerous because it enables ransomware to gain deep system access without immediate detection. The exploit has been used in several high-profile ransomware campaigns, highlighting the critical need for updates and patches to protect against such sophisticated cyber threats. Efforts are underway to mitigate the risk by providing timely security updates and educating users on the importance of maintaining software integrity.

Tarlogic Discovers Security Flaw Allowing Eavesdropping on Private Conversations via Bluetooth Headset Microphone

IT Security Guru by Daniel Tannenbaum
Tarlogic Security has uncovered a significant flaw in Bluetooth technology that allows eavesdropping on private conversations via Bluetooth headset microphones. This vulnerability can be exploited without alerting the device owner, making it a serious privacy concern.
Researchers at Tarlogic warn that this flaw not only breaches individual privacy but also poses a risk to corporate security if sensitive business discussions are intercepted. The discovery has prompted calls for immediate updates to Bluetooth security protocols to prevent such vulnerabilities and protect users from potential espionage.

SolarWinds CISO Says Security Execs Are ‘Nervous’ About Individual Liability for Data Breaches

Cyberscoop by Derek B. Johnson
Tim Brown, the CISO of SolarWinds, has voiced concerns that security executives are becoming increasingly nervous about being held personally liable for data breaches. This anxiety is driven by the rising frequency and severity of cyber attacks, which are putting immense pressure on security frameworks.
Brown emphasises the need for robust security measures and proactive risk management strategies to protect against potential breaches. Additionally, there is a call for clearer regulations and support systems to help security professionals manage these challenges without the fear of personal repercussions.

Attackers Could Hack Smart Solar Systems and Cause Serious Damage

Security Affairs by Pierluigi Paganini
Security researchers have raised alarms over vulnerabilities in smart solar systems that could be exploited by hackers to cause serious damage. These systems, integral to renewable energy grids, can be remotely accessed if not properly secured, allowing attackers to manipulate energy production or disrupt power supplies.
The potential for such attacks underscores the need for stringent security measures in the burgeoning smart energy sector. This threat not only poses risks to energy stability but also highlights broader implications for national security as reliance on renewable technologies increases.

US Soldier Intends to Admit Hacking 15 Telecom Carriers

Dark Reading by Kristina Beek
A US soldier has signalled intentions to plead guilty to hacking into the systems of 15 telecom carriers, exposing significant vulnerabilities in telecommunications security. This case highlights the risk of insider threats where individuals exploit their technical skills and security clearances to access sensitive information, posing serious implications for national security.
The incident has prompted authorities to reevaluate and strengthen security protocols across the telecommunications industry, emphasising the need for rigorous access controls and ongoing surveillance to prevent future breaches.

Qilin Ransomware Claims Attack at Lee Enterprises, Leaks Stolen Data

BleepingComputer by Bill Toulas
Qilin ransomware has targeted Lee Enterprises, marking a significant breach in media cybersecurity. The group behind the attack has not only encrypted the company’s data but also begun leaking sensitive information to pressure for a ransom.
This incident highlights the increasing threat ransomware poses to the media sector, where disruptions can significantly impact operations and information integrity. Lee Enterprises is currently assessing the damage and coordinating with cybersecurity experts to mitigate the effects, reinforce their defenses, and prevent future attacks.

Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone

The Hacker News by Ravie Lakshmanan
Amnesty International has reported that a zero-day exploit in Cellebrite’s forensic technology was used to unlawfully access the Android phone of a Serbian activist. This breach underscores significant privacy concerns and the potential for misuse of surveillance tools.
The exploit enabled unauthorised access to sensitive personal data, exposing vulnerabilities in technologies that are commonly used by law enforcement worldwide. This incident has intensified calls for more stringent regulations on digital surveillance tools to prevent their use in political repression or other harmful activities, advocating for an international effort to protect digital rights and ensure privacy.

Meta Apologises Over Flood of Gore, Violence, and Dead Bodies on Instagram

The Guardian by Dan Milmo
Meta has issued an apology following a surge of disturbing content on Instagram, including graphic violence and images of deceased individuals. This influx has sparked widespread criticism and raised questions about the platform’s content moderation policies.
Meta has acknowledged the distress caused to users and is reviewing its algorithms and moderation practices to better detect and filter out such inappropriate content. The company has reiterated a commitment to improving its systems to ensure that Instagram remains a safe space for its community, emphasising the importance of safeguarding user experience against harmful content.

Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains

The Hacker News by Ravie Lakshmanan
Cybersecurity researchers have identified a new threat where fake CAPTCHA PDFs are being used to distribute Lumma Stealer malware across multiple domains, including Webflow and GoDaddy. This sophisticated scheme tricks users into downloading malware under the guise of verifying identity, exploiting trusted website functionalities.
The Lumma Stealer can extract a wide range of personal information, leading to significant privacy breaches. Experts are urging users to be cautious with downloads and to verify the authenticity of files and requests, especially when prompted by unexpected security checks.

Microsoft Disrupted a Global Cybercrime Ring Abusing Azure OpenAI Service

Security Affairs by Pierluigi Paganini
Microsoft has successfully disrupted a global cybercrime ring that was abusing its Azure OpenAI service. The operation involved cybercriminals using the service for malicious activities, including phishing and spreading malware.
Microsoft’s intervention highlights the ongoing battle against cyber threats exploiting cloud platforms. The company’s proactive measures have prevented further misuse, demonstrating the critical need for continuous monitoring and rapid response capabilities in cloud services. This event underscores the importance of vigilance and technological readiness in thwarting cybercriminal activities that leverage powerful cloud-based tools.

Farm and Food Cybersecurity Act Reintroduced to Protect Food Supply Chain from Cyber Threats

Industrial Cyber by Anna Ribeiro
The US Farm and Food Cybersecurity Act has been reintroduced to bolster cybersecurity across the food supply chain. This legislative push aims to protect critical infrastructure from cyber threats that could disrupt food production and distribution.
The act calls for enhanced security protocols, collaboration between government agencies and private sectors, and increased funding for cybersecurity measures. This initiative highlights the growing recognition of the vulnerability of the agricultural sector to cyber attacks, emphasising the importance of safeguarding this essential industry from potential disruptions.

Over 49,000 Misconfigured Building Access Systems Exposed Online

BleepingComputer by Bill Toulas
Over 49,000 building access control systems have been found exposed online due to misconfigurations, posing a significant security risk. These systems, which manage entry to facilities, could potentially allow unauthorised access if exploited by cybercriminals.
The exposure highlights a widespread issue in the security practices surrounding building management systems and underscores the need for stringent security audits and configurations. Cybersecurity experts are calling for immediate action to address these vulnerabilities to prevent potential breaches that could compromise both physical and data security.

ANALYSIS

Third-Party Risk Tops Cybersecurity Claims

Dark Reading by Robert Lemos
Recent findings reveal that third-party risks now lead as the primary cause of cybersecurity claims, underscoring the significant vulnerabilities associated with external collaborations. These risks stem from inadequate security measures among vendors and partners, potentially leading to data breaches and substantial financial losses.
The rise in such claims highlights the necessity for organisations to enhance their third-party risk management protocols, ensuring rigorous security assessments and continuous monitoring of external entities. This proactive approach is essential to safeguard sensitive data and maintain robust cybersecurity defenses in an interconnected business environment.

Top 10 Most Probable Ways a Company Can Be Hacked

Dark Reading by Erich Kron
Cybersecurity expert Erich Kron has compiled a list of the top ten most probable ways companies can fall victim to hackers. This list serves as a crucial guide for businesses aiming to bolster their cyber defences.
The vulnerabilities range from phishing and malware to weak passwords and unsecured remote access. Kron emphasises the importance of awareness and proactive measures, such as regular updates, training employees, and implementing strong access controls. Highlighting these common vulnerabilities aims to empower companies to better protect themselves from increasingly sophisticated cyber threats.

This 5-Year Tech Industry Forecast Predicts Some Surprising Winners – and Losers

ZDNet by Joe McKendrick
A recent five-year forecast for the tech industry has identified potential winners and losers, shedding light on expected shifts in market dynamics. The report predicts that emerging technologies like artificial intelligence and blockchain will see significant growth, while traditional sectors may face challenges adapting to rapid technological changes.
Analysts stress the importance of innovation and flexibility for companies aiming to thrive in this evolving landscape. The forecast serves as a strategic guide for stakeholders to anticipate changes and strategically position themselves for success in the competitive tech arena.

3 Things to Know About AI Data Poisoning

Dark Reading by Arvind Nithrakashyap
AI data poisoning is emerging as a critical cybersecurity threat, allowing attackers to manipulate machine learning models by corrupting their training data. This technique can degrade AI performance, introduce biases, or even cause systems to make harmful decisions.
Security experts warn that as AI becomes more integrated into critical sectors like healthcare, finance, and cybersecurity, the risk of poisoned data grows. Organisations are urged to implement robust data validation, adversarial testing, and security protocols to safeguard AI integrity and prevent malicious exploitation of AI-driven technologies.

Fortifying Financial Services Cybersecurity with Threat Intelligence and Cybersecurity Automation

Financial IT by Chris Jacob
The financial sector is ramping up cybersecurity efforts by integrating threat intelligence and automation to combat increasingly sophisticated cyber threats. Experts highlight how automation enhances threat detection and response times, reducing reliance on manual processes that leave institutions vulnerable.
By leveraging AI-driven security measures, financial firms can better predict, prevent, and mitigate cyber attacks. As cybercriminal tactics evolve, industry leaders emphasise the necessity of real-time intelligence and automated defenses to protect sensitive financial data and maintain customer trust.

CyAN Members: Op Eds, Articles, etc:

The Cost of Silence: Enhancing Cyber Safety to Address Domestic Violence’s Impact on Women’s Employment and Education

Kim Chandler McDonald
CyAN Global VP Kim Chandler McDonald explores how technology-facilitated abuse disrupts women’s employment and education, limiting financial independence and career growth. She highlights the role of digital safety in preventing coercive control and ensuring that survivors can access opportunities without fear of online harassment.
The article advocates for stronger policies, employer awareness, and cybersecurity solutions that protect at-risk individuals. By addressing these challenges, Kim underscores the urgent need for systemic changes to create safer digital spaces and empower affected women.

Open Letter – Support for Responsible Cybersecurity Vulnerability Disclosure in Germany

CyAN Staff
CyAN staff have issued an open letter advocating for responsible cybersecurity vulnerability disclosure in Germany, emphasising the need for clear legal protections for security researchers. The letter highlights concerns that without proper safeguards, ethical hackers may face legal repercussions for exposing security flaws.
CyAN calls for legislation that encourages transparency, cooperation, and responsible reporting to strengthen Germany’s cybersecurity posture. The initiative aims to balance security needs with ethical considerations, ensuring researchers can contribute without fear of prosecution.

CyAN Members’ News

We at CyAN are ALWAYS overjoyed to celebrate our members’ successes and their contributions to the cybersecurity community!

We’re immensely proud to share that two esteemed members of the CyAN community, CyAN member Mohit Makhija and CyAN APAC Director Saba Bagheri, are finalists in the prestigious 2025 Australian Cyber Awards!

Mohit has been recognised in the Cyber Security Professional of the Year category, while Saba has earned accolades in both the Cyber Security Consultant of the Year – Enterprise and Cyber Security Professional of the Year – Government and Defence categories.

Their nominations are a testament to their outstanding contributions and dedication to the field of cybersecurity. Join us in congratulating Mohit and Saba—we are rooting for their success and celebrate their well-deserved recognition!

And there’s more!

Please join us in celebrating our valued member Mohammed Shakil Khan, who has earned his Independent Director Certification from IICA and is now part of the Independent Director’s Databank of the Ministry of Corporate Affairs, Govt. of India.

Congratulations, Mohammed!

We’re excited to celebrate your achievement in earning the Independent Director Certification from the Indian Institute of Corporate Affairs (IICA) and becoming part of the Independent Director’s Databank under the Ministry of Corporate Affairs, Govt. of India.

This milestone reflects your dedication to corporate governance and leadership. Wishing you continued success in making an impact!

How MITRE ATT&CK Helps Us Understand and Stop Cyber Threats

Fel Gayanilo
CyAN General Secretary Fel Gayanilo explores how the MITRE ATT&CK framework enhances cybersecurity by providing a structured way to identify, analyse, and mitigate cyber threats. The framework helps security teams understand attacker tactics, techniques, and procedures, enabling more effective threat detection and response.
Gayanilo highlights its role in improving incident response, refining threat intelligence, and strengthening organisational security postures. As cyber threats evolve, he emphasises that leveraging frameworks like MITRE ATT&CK is crucial for staying ahead of adversaries and proactively defending critical systems.

Upcoming CyAN (and CyAN Partner) Global Events:

Breaking the Cycle: Combating Online IBSA for a Safer Digital Experience webinar, March 6th (EST 6AM, CET 12PM, AEST 10PM)

CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence keynote by Dan Elliot, March 12, Peoplebank, Sydney

Trust & Safety Forum at Forum INCYBER Europe (FIC), Lille, France: April 1-2

GITEX AFRICA, Marrakesh, Morocco: April 14-16

GITEX ASIA, Singapore (Marina Bay Sands): April 23-25

GISEC, Dubai World Trade Center, Dubai, UAE: May 6-8

The Cyber Outstanding Security Performance Awards (Cyber OSPAs), May 8, London, UK

World AI Technology Expo UAE, Dubai, UAE: May 14-15, 2025

MaTeCC, Rabat, Morocco: June 7-9, 2025
(The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.)


Cyber (In)Securities – Issue 126

Information Security News

Ghost Ransomware Targets Orgs in 70+ Countries
Dark Reading by Elizabeth Montalbano
Ghost ransomware continues to pose a significant threat globally, now targeting organisations in over 70 countries. This ransomware variant is particularly insidious due to its ability to encrypt data swiftly and demand 

Australia’s Digital Destiny: Leading the Charge for Online Freedom

Introduction
In today’s interconnected world, the importance of digital rights cannot be overstated. While the European Union is making commendable strides in this arena, Australia stands at a pivotal juncture to assert its leadership in championing online freedom. The nation’s commitment to democratic values, coupled 

Cyber (In)Securities – Issue 123

Information Security News:

Federal Judge Tightens DOGE Leash Over Critical Treasury Payment System Access
The Register by Brandon Vigliarolo and Jessica Lyons
A federal judge has mandated stricter regulatory oversight on the integration of Dogecoin (DOGE) within the U.S. Treasury’s critical payment systems, following concerns about the cryptocurrency’s potential to disrupt financial stability. This decision introduces a rigorous review and continuous monitoring framework, reflecting a significant movement towards regulating the use of cryptocurrencies in sensitive government transactions. The measure aims to safeguard against the inherent volatility of digital currencies potentially jeopardising essential financial operations.
🔗 Read More

Russia Ramps Up Cybersecurity Systems
The Jamestown Foundation by Luke Rodeheffer
In response to escalating cyber threats, Russia has significantly bolstered its cybersecurity defences. This strategic upgrade targets key national infrastructure, including government communications, critical databases, and energy networks, to shield against foreign cyber espionage and attacks. Alongside enhancing state systems, Russia has imposed stringent cybersecurity protocols on the private sector, especially in critical industries. These measures reflect Russia’s push toward cyber sovereignty and highlight the role of cybersecurity in global geopolitical dynamics.
🔗 Read More

Coordinates of Millions of Smartphones Feared Stolen, Sparking Yet Another Lawsuit Against Data Broker
The Register by Thomas Claburn
After millions of smartphone users had their GPS coordinates allegedly stolen and sold by a data broker, a class-action lawsuit has been filed accusing the firm of major privacy violations. This lawsuit emphasises the dangers posed by the data brokerage industry’s practices of handling sensitive personal information. It calls for enhanced regulatory measures to protect individuals from unauthorised data harvesting and sale, highlighting the urgent need for legislative reforms to ensure privacy rights in the digital age are respected and enforced.
🔗 Read More

US Cybersecurity Efforts for Spacecraft Are Up in the Air
Dark Reading by Robert Lemos
The U.S. is grappling with establishing a robust cybersecurity framework for its spacecraft as cyber threats targeting space assets intensify. The absence of a unified strategy to safeguard these crucial systems exposes them to significant risks, underscoring the need for dedicated efforts to secure space infrastructure. This involves enhancing collaborations among government entities, aerospace experts, and cybersecurity professionals to develop resilient mechanisms capable of defending against and mitigating potential cyberattacks in the increasingly contested space domain.
🔗 Read More

Critical RCE Bug in Microsoft Outlook Now Exploited in Attacks
BleepingComputer by Sergiu Gatlan
A critical remote code execution vulnerability in Microsoft Outlook is currently being exploited, allowing hackers to execute malicious code on affected systems without user interaction. This vulnerability poses a severe security risk, prompting Microsoft to release an urgent patch. Users are strongly advised to update their software to protect against potential attacks that could lead to significant data breaches or further system compromise. The incident highlights the ongoing need for vigilance and prompt action in the face of evolving cyber threats.
🔗 Read More

Thailand Cuts Power and Internet to Areas of Myanmar to Disrupt Scam Gangs
Bitdefender by Graham Cluley
Thailand’s authorities have taken a drastic approach to combating cybercrime by cutting off power and internet services in certain areas of Myanmar known for harbouring scam operations. This measure aims to disrupt the activities of groups involved in extensive online frauds that affect thousands across Southeast Asia. While effective in curtailing these operations, the strategy has raised ethical concerns about the impact on innocent civilians living in the affected areas, prompting a debate on the appropriateness of such severe measures in law enforcement strategies against cybercrime.
🔗 Read More

Coercive Control to Be Treated Like Other Domestic Abuse Offences
The BBC by Imogen James
The UK is expanding its legal framework to criminalise coercive control in the same way as other forms of domestic abuse. The new measures will allow for harsher penalties and increased protections for victims. Lawmakers and advocates stress that digital surveillance, financial control, and online harassment are key components of modern coercion tactics. The reforms acknowledge the rising role of technology in abuse cases and emphasise the need for law enforcement and the judiciary to recognise and combat digital forms of domestic violence.
🔗 Read More

Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts
The Hacker News by Ravie Lakshmanan
Threat actors are leveraging Go Resty and Node Fetch to execute large-scale password spraying attacks, attempting to breach accounts across multiple platforms. Security researchers observed over 13 million login attempts, with attackers exploiting weak credentials and outdated authentication methods. The report highlights the need for stronger password policies, multi-factor authentication, and proactive threat monitoring. As password spraying remains a persistent attack vector, organisations are urged to implement stricter authentication controls to counter mass credential-stuffing attacks.
🔗 Read More

Attackers Target Education Sector, Hijack Microsoft Accounts
Dark Reading by Elizabeth Montalbano
The education sector is facing a surge in cyberattacks, with hackers hijacking Microsoft accounts to infiltrate networks. Threat actors are using compromised credentials to spread malware, exfiltrate sensitive student data, and disrupt school operations. Security analysts warn that educational institutions are particularly vulnerable due to lax cybersecurity controls and outdated infrastructure. Experts recommend bolstering account security with multi-factor authentication and stronger network segmentation to prevent attackers from moving laterally within compromised environments.
🔗 Read More

Lawmakers Fear Elon Musk, DOGE Not Adhering to Privacy Rules
CyberScoop by Tim Starks
U.S. lawmakers are raising alarms over Elon Musk’s Department of Government Efficiency (DOGE), questioning whether it is complying with federal privacy regulations. Concerns centre on DOGE’s alleged access to sensitive federal data without proper oversight. Critics warn that such a lack of transparency could pose national security risks and set a dangerous precedent for private entities managing government infrastructure. Lawmakers are calling for greater accountability and regulatory scrutiny to ensure compliance with data protection standards.
🔗 Read More

CISA Orders Agencies to Patch Linux Kernel Bug Exploited in Attacks
BleepingComputer by Sergiu Gatlan
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to patch a newly discovered Linux kernel vulnerability that is being actively exploited. The flaw allows attackers to execute arbitrary code and escalate privileges on compromised systems. CISA warns that failing to apply the patch could leave critical infrastructure exposed to cyber threats. Organisations using affected Linux distributions are urged to update their systems immediately to mitigate the risk of exploitation.
🔗 Read More

Abandoned AWS Cloud Storage: A Major Cyberattack Vector
Dark Reading by Jai Vijayan
Researchers warn that misconfigured and abandoned AWS cloud storage remains a significant security risk, with cybercriminals exploiting unsecured buckets to exfiltrate sensitive data. Attackers are actively scanning for exposed storage containers containing corporate records, API keys, and confidential documents. The report underscores the importance of cloud security hygiene, including regular audits, proper access controls, and encryption to prevent unauthorised access. Businesses are advised to monitor cloud assets and promptly decommission unused storage to mitigate data exposure risks.
🔗 Read More

Crypto-Stealing Apps Found in Apple App Store for the First Time
BleepingComputer by Bill Toulas
Security analysts have uncovered cryptocurrency-stealing apps in the Apple App Store, marking the first known instance of such malware bypassing Apple’s stringent review process. The malicious apps disguise themselves as legitimate wallet utilities but siphon funds from users upon installation. The discovery raises concerns about Apple’s ability to detect sophisticated financial fraud apps. Users are advised to scrutinise app permissions, use verified wallets, and enable security features to prevent unauthorised transactions.
🔗 Read More

Netgear Fixes Critical Bugs as Five Eyes Warn About Break-Ins at the Edge
The Register by Connor Jones
Netgear has patched multiple critical vulnerabilities in its routers following a warning from the Five Eyes intelligence alliance about nation-state actors exploiting network edge devices. Attackers have been leveraging these flaws to gain remote access to corporate and home networks. The disclosure highlights the need for regular firmware updates and robust endpoint protection. Organisations are encouraged to apply patches immediately and monitor network activity for potential intrusions.
🔗 Read More

Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
The Hacker News by Ravie Lakshmanan
North Korea’s Lazarus Group is deploying a cross-platform JavaScript-based stealer to target cryptocurrency wallets. The malware is designed to harvest credentials and drain funds from compromised systems. The campaign underscores Lazarus Group’s continued focus on financial cybercrime, exploiting both Windows and macOS users. Security researchers advise crypto traders to remain vigilant, use hardware wallets, and monitor for suspicious activity.
🔗 Read More

Spain Arrests Suspected Hacker of US and Spanish Military Agencies
BleepingComputer by Bill Toulas
Spanish authorities have arrested an individual accused of hacking U.S. and Spanish military agencies. The suspect allegedly exfiltrated classified data and sold it on dark web marketplaces. Law enforcement officials are working with cybersecurity experts to assess the full extent of the breach. The case highlights ongoing threats to defense networks and the importance of securing sensitive military data against persistent cyber espionage operations.
🔗 Read More

How Are Modern Fraud Groups Using GenAI and Deepfakes?
Dark Reading by Jennifer Lawinski
Cybercriminals are weaponising generative AI and deepfake technology to launch more convincing fraud campaigns. From AI-generated phishing emails to synthetic voice scams impersonating executives, fraud groups are leveraging automation to scale deception at an unprecedented level. Security experts warn that as AI tools become more accessible, detecting manipulated content will become increasingly difficult. Financial institutions and enterprises must invest in AI-driven fraud detection systems and enhanced user verification measures to counteract this rapidly evolving threat landscape.
🔗 Read More

Global Ransomware Payments Plunge by a Third Amid Crackdown
The Guardian by Dan Milmo
Ransomware payments have dropped by a third in the past year, marking a significant shift in cybercriminal earnings. Law enforcement crackdowns, improved corporate cybersecurity strategies, and increased resistance to paying ransoms have contributed to this decline. However, experts caution that ransomware groups are adapting, with new extortion tactics such as data destruction and double extortion becoming more prevalent. While the financial impact of ransomware is decreasing, the volume of attacks remains high, signalling that the threat is evolving rather than disappearing.
🔗 Read More

Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks
The Hacker News by Ravie Lakshmanan
Taiwan has banned the use of China-developed DeepSeek AI, citing concerns over national security and potential data leakage risks. Officials warn that AI models trained under Chinese jurisdiction could be exploited for intelligence gathering, reinforcing fears of foreign influence in critical sectors. The move follows similar bans from other governments wary of AI-driven espionage. As geopolitical tensions intersect with AI governance, the decision underscores the growing scrutiny over AI models with opaque data handling policies and their potential risks to sovereignty.
🔗 Read More

GrubHub Data Breach Impacts Customers, Drivers, and Merchants
BleepingComputer by Sergiu Gatlan
A data breach at GrubHub has compromised sensitive information belonging to customers, delivery drivers, and merchants, exposing personal details and payment data. Hackers exploited a security flaw to gain unauthorised access, raising concerns about the security measures in place for food delivery platforms. While GrubHub has yet to disclose the full extent of the breach, cybersecurity analysts stress the need for stronger data protection standards in the gig economy. Users are advised to update their credentials and monitor financial accounts for fraudulent activity.
🔗 Read More

Google Patches Odd Android Kernel Security Bug Amid Signs of Targeted Exploitation
The Register by Iain Thomson
Google has released an emergency patch for an unusual Android kernel security vulnerability that appears to have been actively exploited in targeted attacks. The bug allowed attackers to gain deep access to affected devices, potentially compromising sensitive data. Security researchers note that the vulnerability was likely used in highly targeted campaigns, possibly by nation-state actors. Android users are urged to apply updates immediately, as unpatched devices remain at risk. This incident highlights the growing sophistication of mobile threats and the importance of timely security updates.
🔗 Read More

ANALYSIS

Triskele Labs Annual State of Cyber 2024 Report (DFIR Report)
Triskele Labs
Triskele Labs’ latest Digital Forensics and Incident Response (DFIR) report provides a comprehensive analysis of cybersecurity trends, highlighting the growing sophistication of threat actors. The report examines the increasing use of AI-driven attacks, supply chain vulnerabilities, and ransomware tactics. Key takeaways include the necessity for robust incident response plans, real-time threat intelligence, and enhanced security automation. Businesses are encouraged to integrate proactive cybersecurity strategies to mitigate evolving risks.
🔗 Read More

Cyber Insights 2025: OT Security
SecurityWeek by Kevin Townsend
As operational technology (OT) systems become more interconnected, cybersecurity risks in industrial environments are growing. This article explores how threat actors are increasingly targeting OT infrastructure to disrupt manufacturing, energy, and transportation sectors. Security experts highlight the urgent need for stronger segmentation, access controls, and continuous monitoring to prevent catastrophic failures. Organisations must prioritise OT security to defend against sophisticated cyber threats.
🔗 Read More

How Agentic AI Will Be Weaponized for Social Engineering Attacks
SecurityWeek by Stu Sjouwerman
The rise of agentic AI—AI systems capable of autonomous decision-making—poses new social engineering risks. This article examines how attackers could exploit AI-driven chatbots and voice synthesis tools to manipulate victims at scale. From AI-powered phishing to deepfake scams, adversaries are refining their tactics to deceive even the most security-conscious users. Experts stress the need for AI threat detection frameworks and awareness training to counter the growing risk of AI-driven deception.
🔗 Read More

Why Cybersecurity Needs Probability — Not Predictions
Dark Reading by Vishaal “V8” Hariprasad
Traditional cybersecurity approaches often rely on deterministic risk models, but experts argue that probability-based methods are more effective for anticipating emerging threats. This analysis explores how probabilistic modeling can improve decision-making, helping security teams prioritise threats based on likelihood rather than theoretical worst-case scenarios. By integrating probability-driven risk assessments, organisations can better allocate resources and enhance resilience against evolving cyber threats.
🔗 Read More

What EU AI Act Means for Governance in Financial Sector
FinTech by Louis Thompsett
The EU AI Act is set to introduce strict governance requirements for financial institutions using artificial intelligence, placing an emphasis on transparency, accountability, and risk mitigation. Banks and fintech firms leveraging AI for decision-making—such as credit scoring and fraud detection—will need to implement comprehensive oversight frameworks to comply with the new regulations. Experts warn that non-compliance could result in severe penalties. The Act’s focus on explainability and fairness aims to prevent AI bias, ensuring financial AI models operate with ethical safeguards and consumer protections in mind.
🔗 Read More

STATISTICS & INSIGHTS

Highlights from Last Week’s Cybersecurity Research by evisec – CRD #16
CyAN Member and evisec CEO Henry Röigas
Highlights from the latest cybersecurity research sources by evisec:

  • Data on CISO executive influence shows growth but remains inconsistent: A recent study claims 82% now report to CEOs, while others suggest as low as 5%. Nevertheless, influence is rising and the trend remains positive across most sources.
  • Security tool sprawl: Large enterprises juggle 83 tools from 29 vendors, undoubtedly hindering the efficiency of security operations.
  • Basic security paying off: Foundational controls can cut cyber incident costs by 75% according to a study.
  • GenAI in cybercrime – no revolution (yet!): Threat actors mainly use it for research, with no evidence of highly advanced offensive applications.
    For more insights, explore the latest Cybersecurity Research Digest.
    🔗 Read More

An Opportunity for the EU to Support Digital Freedom
CyAN Blog by John Salomon
CyAN Communication Chief John Salomon explores how the EU can champion digital freedom while balancing security and regulation. With increasing concerns over government overreach, censorship, and data sovereignty, he argues that policymakers must prioritise frameworks that protect privacy without stifling innovation. The article calls for greater transparency in surveillance laws, stronger commitments to encryption, and a unified approach to digital rights across member states. As the EU refines its digital policies, Salomon urges decision-makers to seize this moment to reinforce fundamental freedoms in the online world.
🔗 Read More

Australia’s Digital Destiny: Leading the Charge for Online Freedom
By Kim Chandler McDonald
In response to John Salomon’s blog post, CyAN Global VP Kim Chandler McDonald examines Australia’s role in shaping digital freedom, arguing that the country has a pivotal opportunity to set global standards for privacy, cybersecurity, and human rights online. She highlights the tension between national security interests and individual freedoms, emphasising the importance of legislative safeguards to prevent government overreach. The article calls for stronger encryption protections, ethical AI policies, and global collaboration to uphold digital rights. As Australia navigates its digital future, McDonald stresses that proactive leadership is essential to ensuring an open, secure, and equitable online ecosystem.
🔗 Read More

CyAN Members: News

  • CyAN board member Gergely Dzsinich will discuss Cybersecurity, Privacy, and International Air Transport at the International Air Transport Association (IATA) World Legal Symposium in Shanghai (18-20 February).
  • CyAN Growth Advisor to MEA & India, Bharat Raigangar, is speaking at the Achievers X Awards 2025 in Riyadh-KSA on February 10th. Bharat will be discussing CyAN’s contributions in the arenas of Cyber Law, Forensics, Security, and Trust & Safety.

Upcoming CyAN Global Events:

  • Breaking the Cycle: Combating Online IBSA for a Safer Digital Experience webinar, March 6th (EST 6AM, CET 12PM, AEST 10PM)
    🔗 Register Here
  • CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence keynote by Dan Elliot, March 12, Peoplebank, Sydney (save the date, general release tickets available soon!)
  • GITEX AFRICA, Marrakesh, Morocco: 14-16 April
    🔗 Event Details
  • GITEX ASIA, Singapore (Marina Bay Sands): 23-25 April
    🔗 Event Details
  • GISEC, Dubai World Trade Center, Dubai, UAE: 6-8 May
    🔗 Event Details
  • The Cyber Outstanding Security Performance Awards (Cyber OSPAs), May 8, London, UK
    🔗 Event Details
  • MaTeCC, Rabat, Morocco: 7-9 June 2025
    (The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.)
    🔗 Event Details

Welcome New Member – Osama Soliman from UAE

Please welcome our newest member from UAE, Osama Soliman! Osama Soliman is a seasoned GRC professional with extensive experience in risk management, internal controls, and regulatory compliance. He currently leads the Risk & Control function at a leading online food delivery platform, overseeing GRC activities