A UK government survey of 2024 data shows phishing remains the top cyber threat, ransomware cases doubled, and fewer boards include cyber experts despite steady attack rates.
A UK government survey of 2024 data shows phishing remains the top cyber threat, ransomware cases doubled, and fewer boards include cyber experts despite steady attack rates.
Microsoft warns CVE-2025-29824 lets attackers with user access escalate privileges to deploy ransomware via a flaw in Windows CLFS.
The attackers pose as legitimate remote IT workers, looking to both generate revenue and access sensitive company data through employment. “Europe needs to wake up fast,” according to Google’s Jamie Collier.
This month, we are celebrating author Andrew Pattison! His book: NIST CSF 2.0 – Your essential introduction to managing cybersecurity risks was published in February 2025 and covers the latest updates to the NIST framework. The NIST CSF (Cybersecurity Framework) 2.0 is designed to help organisations prevent and protect themselves from cyber attacks. This book will help you understand how to: About the author: Andrew Pattison is the global head of GRC and PCI consultancy at GRC International Group, a GRC Solutions company. He has been working in information security, risk management and business continuity since the mid-1990s, helping
The post Author of the Month: Andrew Pattison appeared first on IT Governance Blog.
By simply sending HTTP requests, attackers can trigger the deserialisation of malicious data in Tomcat’s session storage and gain control.
Google’s agreement to buy cloud security startup Wiz will face antitrust scrutiny amid Alphabet’s ongoing legal battles.
The vulnerability allowed malicious code running inside the Web Content sandbox, an isolated environment for web processes designed to limit security risks, to impact other parts of the device.
Researchers warn these commands could be exploited to manipulate memory, impersonate devices, and bypass security controls.
In 2024, women accounted for 22% of global security teams on average, compared to 17% in 2023, according to ISC2.
The cyber security firm reported in its latest annual report that their researchers found more than 30.4 million phishing emails last year.