Governance & Risk Management, Operational Technology (OT) OTsec India Steering Committee Examines Cyberthreats, Compliance Challenges, and Innovation Opportunities Joshua Cunningham-Marsh, Matthew Robertson • November 6, 2025 The OTsec India Summit is a pivotal two-day event bringing together over 200 leaders in IT and OT security from India’s essential infrastructure and…
Local Authority Unintentionally Exposes Hundreds of Consultation Respondents’ Information In a significant breach of privacy, a local authority has inadvertently released personal details of hundreds of individuals who provided responses to a public consultation. This incident has raised serious concerns regarding data protection and the safeguarding of sensitive information in…
Recent cybersecurity reports indicate that threat actors are actively exploiting a critical security vulnerability in Veeam Backup & Replication software to deploy ransomware variants such as Akira and Fog. Sophos, a recognized cybersecurity vendor, has noted ongoing attacks that utilize compromised VPN credentials alongside the CVE-2024-40711 vulnerability to gain unauthorized…
Zyxel Networks, a Taiwanese provider of networking equipment, has issued a critical alert regarding a series of attacks targeting select security appliances, specifically firewalls and VPN servers. This warning highlights a sophisticated threat actor employing targeted strategies against devices with remote management or SSL VPN functionalities enabled. According to Zyxel,…
Cybersecurity experts at Doctor Web have identified a targeted cyberattack directed at a Russian government-owned entity by a hacker group identified as Cavalry Werewolf. This operation came to light in July 2025, when the organization recognized spam emails originating from its corporate address, prompting an extensive internal inquiry. Doctor Web’s…
Okta, a prominent provider of authentication services, has identified security firm Sitel as a third-party entity involved in a critical security breach that occurred in late January. This incident permitted the LAPSUS$ extortion gang to gain unauthorized access to an internal account assigned to a customer support engineer. The breach…
Fraud Management & Cybercrime, Government, Industry Specific Statewide Cyber Breach Affects 60 Agencies Before Ransomware Implementation Chris Riotta (@chrisriotta) • November 6, 2025 Image: Shutterstock/ISMG Recent analyses reveal that a ransomware threat actor compromised Nevada’s statewide government systems for several months prior to executing a ransomware attack. An after-action report…
In a significant cybersecurity incident, approximately 2.7 million owners of Hyundai and Kia vehicles may have had their personal data compromised due to a breach in the Hyundai IT services infrastructure. This security breach, reported by Cybernews, raises serious concerns regarding the protection of sensitive consumer information amid an increasingly…
In a recent development reflecting the persistent threat posed by Russian cyber actors, Microsoft has disclosed that the hackers behind the SolarWinds breach have resumed operations utilizing password spraying and brute-force methods to compromise customer accounts. This resurgence serves as a stark reminder that the attackers remain active and adept…
