News
-
China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses
NVISO discovered new variants of the BRICKSTORM backdoor, initially designed for Linux, on Windows systems Read More
-
92% of Mobile Apps Found to Use Insecure Cryptographic Methods
Study reveals 92% of mobile apps use insecure cryptographic methods, exposing millions to data risks Read More
-
Insurance firm Lemonade warns of breach of thousands of driving license numbers
A data breach at insurance firm Lemonade left the details of thousands of drivers’ licenses exposed for 17 months. According to the company, on March 14 2025 Lemonade learnt that a vulnerability in its online car insurance application process contained a vulnerability that was likely to have exposed “certain driver’s license numbers for identifiable individuals.”…
-
Scalper Bots Fueling DVSA Driving Test Black Market
DataDome warns that DYI bots are snapping up driving test places en masse Read More
-
Chaos Reins as MITRE Set to Cease CVE and CWE Operations
Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database Read More
-
Chaos Reigns as MITRE Set to Cease CVE and CWE Operations
Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database Read More
-
Cybersecurity Warrior Mindset
As stated in my recent blog, CISO: Chief Cybersecurity Warrior Leader, I define warrior-leadership as a term that combines the concepts of leadership and expertise in the field of cybersecurity with the mindset and traits of a warrior. A warrior mindset helps leaders remain calm, focused, and effective in addressing and resolving complex challenges. In…
-
Funding Expires for Key Cyber Vulnerability Database
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program — which is traditionally funded each…
-
RansomHouse ransomware: what you need to know
RansomHouse is a cybercrime operation that follows a Ransomware-as-a-Service (RaaS) business model, where affiliates (who do not require technical skills of their own) use the ransomware operator’s infrastructure to extort money from victims. Read more in my article on the Fortra blog. Read More
-
Slopsquatting
As AI coding assistants invent nonexistent software libraries to download and use, enterprising attackers create and upload libraries with those names—laced with malware, of course. Read More