Cybercrime, Fraud Management & Cybercrime Recent Developments: CIRO Phishing Breach, Ingram Micro Ransomware, and CVE Increase Pooja Tikekar (@PoojaTikekar) • January 22, 2026 Image: Shutterstock/ISMG ISMG compiles weekly summaries of cybersecurity breaches globally. Recent incidents include sensitive data shared by the U.S. Social Security Administration on an unauthorized Cloudflare server,…
Kazakhstan Advances Data Breach Law Reforms, Elevating Risks for Australian Firms Kazakhstan is set to implement significant reforms to its data breach laws, which will introduce criminal charges for mass personal data leaks while increasing the maximum fines to approximately $42,500. This legislative move signals an escalating commitment to stricter…
Cybersecurity experts have identified a new peer-to-peer (P2P) worm named P2PInfect, which specifically targets vulnerable Redis installations for subsequent exploitation. Unlike many previous threats, P2PInfect can compromise Redis servers operating on both Linux and Windows platforms, making it a particularly formidable threat, as noted by researchers from Palo Alto Networks’…
Digitally signed malware has gained traction recently, utilizing legitimate digital certificates to mask malicious activities. Recent investigations have uncovered a malware campaign employing stolen valid digital certificates from Taiwanese technology firms, including D-Link, to authenticate their harmful applications and thereby appear trustworthy to unwitting users. Digital certificates, issued by recognized…
cURL Project Ends Vulnerability Reward Program Amid AI Report Surge The developers behind cURL, a widely-used networking tool, are discontinuing their vulnerability reward program due to a significant influx of low-quality submissions, many of which have been identified as AI-generated. Daniel Stenberg, the founder and lead developer of the open-source…
Recent developments in the investigation of the high-profile data breach at British telecom provider TalkTalk have led to the arrest of a 16-year-old male from London. This individual was apprehended by the Metropolitan Police Cyber Crime Unit (MPCCU) at his residence in Norwich, under the suspicion of violating the Computer…
Governance & Risk Management OIG: Inadequate Standards and Third-Party Oversight May Endanger Health Sector Agencies Marianne Kolbasuk McGee (HealthInfoSec) • January 22, 2026 The U.S. Department of Health and Human Services Office of Inspector General emphasizes a need for unified cyber governance standards. (Image: HHS) In a recent…
Coupang CEO Apologizes for Data Breach, Again Fails to Attend Parliamentary Hearing Bom Kim, the founder and CEO of Coupang, Inc., publicly apologized on Sunday regarding a significant data breach that has impacted nearly the entirety of the company’s customer base. This incident has prompted a comprehensive tax investigation by…
Apache OpenMeetings Faces Critical Security Vulnerabilities Recent security findings have exposed multiple vulnerabilities in Apache OpenMeetings, a widely used web conferencing solution. These weaknesses could be exploited by malicious actors to potentially take control of administrative accounts and execute harmful code on compromised servers. The implications of these vulnerabilities could…