Policy
-
MainStreet Bancshares Reports Data Breach Affecting Customer Information
MainStreet Bancshares has disclosed a data breach that affected a significant portion of its customer base due to an incident involving a third-party provider. The bank reported to the SEC that its own infrastructure was unaffected, but the incident raises questions about cybersecurity in the banking sector.
-
Australia Mandates Reporting of Ransomware Payments by Victims
Australia has become the first nation to oblige ransomware attack victims to report extortion payments, affecting organizations with significant turnovers and enhancing government visibility into cybercrime.
-
China-Linked Hackers Target South Asian Organizations Through Critical SAP Vulnerability
A China-linked hacker group known as Earth Lamia has successfully exploited a critical SAP vulnerability, targeting numerous organizations in South Asia and expanding their tactics beyond financial sectors to include IT and governmental entities.
-
Cybercriminals Exploit Popular AI Tools to Distribute Ransomware and Malware
Cybercriminals are exploiting popular AI tools to distribute ransomware and malware, including CyberLock and Lucky_Gh0$t. A report by Cisco Talos highlights the tactics used to lure victims through fake installations of AI solutions, increasing the urgency for enhanced cybersecurity measures.
-
Czech Republic Accuses China of Cyber Espionage Targeting Foreign Ministry
The Czech Republic has publicly accused China of cyber espionage, targeting its Ministry of Foreign Affairs in a campaign attributed to the hacking group APT31, which has reportedly infiltrated critical infrastructure since 2022.
-
Apple Prevents Over $9 Billion in Fraudulent Transactions in Last Five Years
Apple Inc. has revealed that it prevented more than $9 billion in fraudulent transactions in the last five years, particularly noting over $2 billion in the year 2024 alone, through stringent App Store policies aimed at protecting users from deceptive apps and other malicious activities.
-
Chinese Hackers Exploit Zero-Day Vulnerability in Cityworks, Warns Cisco Talos
Cisco Talos has raised alarms over active cyberattacks by Chinese hackers exploiting a zero-day vulnerability in Trimble Cityworks, affecting local U.S. government agencies and enabling remote code execution.
-
Cybersecurity Breaches Expose Sensitive Information and Target Malware Groups
Recent cybersecurity incidents have highlighted the vulnerability of sensitive information within government communications and exposed serious lapses in security among major corporations. Key developments include the breach of TeleMessage, ongoing law enforcement operations against malware groups, and alarming discoveries of unsecured databases containing millions of login credentials.
-
FBI Warns Law Firms of Rising Cyber Threats from Silent Ransom Group
The FBI has warned U.S. law firms of a growing cyber threat from the Silent Ransom Group, which has increased its focus on the legal sector since early 2023, employing phishing tactics and social engineering calls to access sensitive legal data.
-
Critical Flaw Discovered in Windows Server 2025 Poses Risk to Active Directory Users
A critical security vulnerability in Windows Server 2025, discovered by Akamai researchers, poses serious risks to Active Directory users, enabling potential attackers to gain unauthorized access to any AD user account. With Microsoft yet to release a patch, organizations are urged to implement immediate protective measures.
