Governance & Risk Management, Operational Technology (OT), Video NAV Canada CISO Tom Bornais Discusses the Importance of Maintaining IT and OT Operations Joshua Cunningham-Marsh • October 31, 2025 Tom Bornais, CISO, NAV Canada As cyber threats evolve in sophistication, ensuring the security of vital infrastructure such as aviation systems necessitates…
Governance & Risk Management, Regulation, Standards, Regulations & Compliance Ed Parsons from Integrity Discusses the Impact of Regulations on Security Approaches Akshaya Asokan (asokan_akshaya) • October 30, 2025 Ed Parsons, Chief Operations Officer, Integrity The Network and Information Systems Directive 2 (NIS2 Directive) is catalyzing significant advancements in vulnerability management…
Businesses concerned about cybersecurity may already be familiar with Have I Been Pwned, a site dedicated to notifying users about data breaches. Recently, Proton, the company behind ProtonMail, launched its own data breach alert service named the Data Breach Observatory. This platform aims to provide near real-time notifications to individuals…
Security Flaws Discovered in Ollama AI Framework Recent disclosures by cybersecurity researchers have revealed six vulnerabilities within the Ollama artificial intelligence (AI) framework, a tool enabling users to deploy large language models (LLMs) locally on multiple operating systems, including Windows, Linux, and macOS. These vulnerabilities present significant risks, allowing potential…
Third-Party Risk Management, Data Breach Notification, Data Security Conduent Data Breach Affects Millions, Including Clients Humana and BCBS Montana Marianne Kolbasuk McGee (HealthInfoSec) • October 27, 2025 Conduent is informing over 10.5 million individuals about a breach identified in January. (Image: Conduent) A significant cybersecurity incident has emerged as Conduent…
Svenska kraftnät, the national operator of Sweden’s power grid, has reported a data breach that has exposed sensitive information to unauthorized individuals. The breach was publicly disclosed on October 26, 2025, and is linked to the notorious Everest ransomware group. This incident marks a significant concern amid a rising tide…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Ravin Academy’s Data Breach Exposes Identities of Over 1,000 Participants Chris Riotta ( @chrisriotta) • October 27, 2025 Image: Shutterstock Recent revelations from a cyber training facility affiliated with Iranian intelligence have exposed sensitive personal information of over 1,000 individuals enrolled in…
Critical Infrastructure Security Everest Extortion Group Targets Dublin Airport Akshaya Asokan (asokan_akshaya) • October 27, 2025 Image: Shutterstock A Russian data extortion group named Everest has threatened to release 1.5 million records allegedly obtained from Dublin Airport. This threat follows an investigation into a cybersecurity breach that originated from a…
Recent findings from cybersecurity researchers have unveiled a targeted campaign likely aimed at entities in Southeast Asia utilizing a novel form of Linux malware, identified as “FontOnLake.” This malware is designed to facilitate remote access for its operators, gather credentials, and serve as a proxy server. The cybersecurity firm ESET,…
