China looks to classify online data in draft security laws

China has released draft regulations that seek to classify online data based on their importance to national security and public interest, amongst others. Data protection requirements then will be tied…

Home Affairs launches new principles for critical technology supply chain security

The federal government has released a new set of voluntary principles aimed at providing guidance to organisations in how they protect critical technologies from cyber attacks. Labelled the Critical Technology…

Threat from Organized Cybercrime Syndicates Is Rising

Europol reports that criminal groups are undermining the EU’s economy and its society, offering everything from murder-for-hire to kidnapping, torture and mutilation. From encrypting communications to fencing ill-gotten gains on…

Costco Confirms: A Data Skimmer’s Been Ripping Off Customers

Big-box behemoth retailer Costco is offering victims 12 months of credit monitoring, a $1 million insurance reimbursement policy and ID theft recovery services. Costco has discovered a payment card skimming…

Security company faces backlash for waiting 12 months to disclose Palo Alto 0-day

There has been considerable debate within the cybersecurity community about Randori, a security firm that waited one year before disclosing a critical buffer overflow bug it discovered in Palo Alto…

CISA warns of equipment vulnerabilities from multiple vendors

CISA has released a notice urging administrators to apply updates to a variety of industrial control systems after discovering vulnerabilities in multiple open-source and proprietary Object Management Group (OMG) Data-Distribution…

Top 10 Cybersecurity Best Practices to Combat Ransomware

Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile. If you’re like most IT professionals, the…

UK Funds Project to Teach Autistic Children Cybersecurity Skills

UK Funds Project to Teach Autistic Children Cybersecurity Skills A program set up to teach cybersecurity skills to autistic and neurodiverse young people in the United Kingdom has received a…

Ransomware experts question massive Pysa/Mespinoza victim dump

The Pysa ransomware group dumped dozens of victims onto their leak site this week right after US law enforcement officials announced a range of actions taken against ransomware groups.  More…

Email Filters Duped by Tiny Font Size in BEC Phishing Attacks

A new Business Email Compromise (BEC) operation aimed at Microsoft 365 consumers employs a variety of highly developed obfuscation techniques in phishing emails that can trick natural language processing filters…