API Security • January 23, 2025 APIs serve as a fundamental component of contemporary applications, facilitating essential interactions and functionalities across various platforms. Nonetheless, the increasing intricacy of API environments has given rise to potential vulnerabilities that cyber adversaries may exploit. These weaknesses can lead to operational disruptions, data theft,…
The Turkish government is currently advancing a contentious cybersecurity bill that may criminalize the reporting of data breaches. This proposed legislation introduces various penalties for cybersecurity offenses, but raises significant alarm with one specific provision: individuals who create the perception of a data breach—regardless of its truth—could face imprisonment ranging…
On a sunny January day, Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency (CISA), prepares for a potentially challenging conclusion to her tenure. Shortly before the inauguration of President Joe Biden, Easterly, 56, found herself caught in a narrative of uncertainty as the incoming administration signaled a…
Recent trends reveal an alarming increase in the number of both public and private sector organizations making ransom payments to hackers deploying malware, particularly in the form of ransomware. These transactions often come with dire consequences that may not be widely recognized, raising critical questions about their efficacy and the…
Governance & Risk Management, Operational Technology (OT) Hackers Unlikely to Exploit Vulnerabilities in Practice Prajeet Nair (@prajeetspeaks) • January 23, 2025 Image: Shutterstock In a recent advisory, the U.S. federal government disclosed a significant, unpatchable vulnerability within the Traffic Alert and Collision Avoidance System II (TCAS II) that prevents mid-air…
Data Breach Alert: PowerSchool Faces Cybersecurity Incident In a recent cybersecurity incident, educational technology platform PowerSchool has confirmed a data breach that may compromise sensitive user data. This alarming violation has raised significant concerns, as it potentially impacts schools, educators, students, and parents who rely on the platform for essential…
Cybersecurity firm ESET has uncovered a previously unidentified Advanced Persistent Threat (APT) group known as “PlushDaemon,” which is reportedly aligned with China and has been targeting South Korea through sophisticated cyber espionage tactics. This revelation marks a significant development in the cybersecurity landscape, as PlushDaemon employs an innovative attack strategy…
Artificial Intelligence & Machine Learning, Data Governance, Data Privacy Class Action Lawsuit Alleges LinkedIn Breached Privacy Laws and User Contracts Akshaya Asokan (asokan_akshaya) • January 23, 2025 Image: Shutterstock This week, a LinkedIn user based in California has initiated a class action lawsuit against the professional networking platform, alleging violations…
NEW DELHI: The notorious ransomware group known as Bashe has claimed responsibility for a breach of ICICI Bank’s database, one of India’s most prominent banking institutions. Reports circulating on the dark web indicate that the hackers have imposed a ransom deadline of January 24, 2025, threatening to release sensitive customer…
