In a recent advisory, the Department for Science, Innovation and Technology of the United Kingdom alerted the public, particularly in developed countries, to the risks associated with internet-connected devices, including consumer electronics designed for pleasure and smart toys. This warning follows an extensive study that uncovered significant vulnerabilities in such…
3rd Party Risk Management, Critical Infrastructure Security, Governance & Risk Management Concerns Over Supply Chain Vulnerabilities Heightened by National Security and Cyber Threats David Perera (@daveperera) • January 14, 2025 Chinese-made Geely Atlas Pro vehicles ready for sale. (Image: Shutterstock) The United States federal government has issued a directive to…
Data Breaches Expose Vulnerabilities in Location Data Industry A significant data breach has recently come to light involving Gravy Analytics, a prominent player in the location data industry and the parent company of Venntel. The breach reportedly compromises sensitive location data harvested from smartphones, potentially affecting millions of individuals whose…
The Halcyon RISE Team has detected a concerning new ransomware campaign known as Codefinger, aimed at Amazon S3 buckets. This sophisticated attack takes advantage of Amazon Web Services (AWS) Server-Side Encryption with Customer-Provided Keys (SSE-C) to lock user data, demanding ransom payments for the symmetric AES-256 keys necessary for decryption.…
The United Kingdom is set to implement a transformative measure in its strategy against ransomware attacks, instituting a formal prohibition on ransom payments. This regulation will primarily affect public and critical infrastructure sectors, including essential entities such as educational institutions, transportation systems, hospitals (notably the NHS), and financial organizations including…
Cloud Security, Cloud-Native Application Protection Platform (CNAPP), Security Operations Navigating the Cloud Security Marketplace: Weighing Functionality, Cost, Features, and Innovation Michael Novinson (MichaelNovinson) • January 14, 2025 Image: Shutterstock As organizations refine their approach to cloud security spending, many are consolidating their services with a select group of providers, choosing…
A significant data breach has been reported involving Gravy Analytics, a prominent US location data broker, exposing millions of location data points. The breach, confirmed by Gravy Analytics, has raised concerns regarding privacy and the potential misuse of sensitive data, placing millions of users at risk. According to sources, the…
Huione Guarantee, an online marketplace known for facilitating cryptocurrency exchanges, has unveiled a suite of new services, including an in-house communication platform dubbed “ChatMe” and a US dollar-pegged stablecoin identified as “USDH.” This expansion indicates Huione’s ambition to establish a comprehensive, self-sufficient ecosystem within the cryptocurrency sector. Researchers from Elliptic…
Artificial intelligence (AI) is reshaping industries on a global scale, providing startups with essential tools for innovation and expansion. However, alongside these advancements, cybercriminals are increasingly leveraging AI technologies to orchestrate complex attacks, placing startups in a precarious position. Typically, these new businesses do not possess the comprehensive cybersecurity infrastructures…
