Midsized to large organizations often employ a large number of tools and have many interconnected relationships with other organizations and external users. With a complex network of technologies, users, and partners, it can be challenging to maintain control over every…
Category: Information Security Buzz
Espionage Tools Associated with China Used in Ransomware Attacks
Espionage actors linked to China may be diversifying their operations, as new evidence points to the use of espionage tools in a recent ransomware attack against a South Asian software and services company. Symantec Threat Intelligence reports that the attack,…
The Inside Man: Security Training on a Grand Scale
The Inside Man is security training like no other. Now in its sixth season, KnowBe4’s Netflix-style security awareness video series boasts a compelling storyline, memorable characters, and, most noticeably, a budget other training providers could only dream of. But does…
From Sweethearts to Swindlers: Valentine’s Day Fraud Surges
As people celebrate Valentine’s Day today, malicious actors are jumping on the love bandwagon in an opportunity to exploit heightened emotions and consumer spending with a wave of scam emails. According to the latest findings from Bitdefender Antispam Lab, a…
The Art of Teaching Cybersecurity Through Storytelling
Storytelling is one of the most ancient and effective forms of human teaching. Just like prehistoric tales warned of the perils lurking in the wild, modern narratives can teach people about the perils lurking in cyberspace. We recently sat down…
How CIOs can lead the charge on AI, data, and business innovation
The growing momentum behind business innovation, particularly in the realm of AI and data, is increasingly driving how businesses operate, invest, and deliver value. Whilst this may not appear different from previous years, the proliferation of new technologies and tools…
Russia-Linked Seashell Blizzard Intensifies Cyber Operations Against Critical Sectors
The Russia-linked threat actor known as Seashell Blizzard has assigned one of its subgroups to gain initial access to internet-facing infrastructure and establish long-term persistence within targeted entity, a Microsoft report has revealed. Also dubbed APT44, BlackEnergy Lite, Sandworm, Telebots,…
CISA, FBI Warn of Threats Exploiting Buffer Overflow Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a new Secure by Design Alert warning about the risks posed by buffer overflow vulnerabilities in software. The alert, titled “Eliminating Buffer Overflow Vulnerabilities,”…
Inside the Söze Syndicate: MFA Flaws, and the Battle for SMB Security
Small and medium-sized businesses are highly vulnerable to Business Email Compromise (BEC) attacks. Threat actors are evolving, exploiting human error and trust while leveraging automation tools and AI. To shed light on this evolving threat, Information Security Buzz spoke with…
DeepSeek-R1: A Smorgasbord of Security Risks
In the short time since its debut, DeepSeek has made waves in the AI industry, garnering praise as well as scrutiny. The model’s meteoric rise has fueled debate over its claimed efficiency, intellectual property worries, and its general reliability and…