In 2013, the Australian Prudential Regulation Authority (APRA) introduced Prudential Practice Guide CPG 235, a comprehensive framework designed to enhance data risk management across the finance sector. This guide provides financial institutions with principles and best practices to safeguard data… Read More "How CPG 235 is Shaping Data Security Standards in Finance"
When choosing a supplier to partner with, organizations need to perform their due diligence and assess the cyber risks associated with each particular supplier using risk assessment evaluations. Part of the supplier lifecycle management process includes ensuring that these third… Read More "How Do You Perform a Supplier Risk Assessment?"
How enterprises can arm themselves The good(ish) news, however, according to Beauceron’s Shipley, is that of the various types of phishes, from link-based, to attachment-based, to QR-code scanning, attachments tend to have a lower success rate. This is because they… Read More "That innocent PDF is now a Trojan Horse for Gmail attacks"
How many tools does it take to get a clear picture of your organization’s cybersecurity risk? You’ve probably asked yourself a similar question recently. The answer for most of us is a resounding “too many.” It’s a familiar feeling. Your… Read More "Compounding Intelligence: UpGuard’s GRID and 1+1>2 Approach"
A newly patched high-severity VMware vulnerability has been exploited as a zero-day since October 2024 for code execution with elevated privileges, NVISO Labs reports. Tracked as CVE-2025-41244 (CVSS score of 7.8), the security defect impacts both VMware Aria Operations and… Read More "Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability"
Oct 01, 2025The Hacker NewsAttack Surface / Artificial Intelligence Bitdefender’s 2025 Cybersecurity Assessment Report paints a sobering picture of today’s cyber defense landscape: mounting pressure to remain silent after breaches, a gap between leadership and frontline teams, and a growing… Read More "Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising"
Researchers have documented a previously unknown threat actor that aligns with China’s intelligence collection interests. The group primarily targets government and telecommunications organizations from Africa, the Middle East, and Asia with the goal of maintaining long-term covert access to critical… Read More "Chinese APT group Phantom Taurus targets gov and telecom organizations"
