The Digital Operational Resilience Act (DORA) comes into full effect on January 17, 2025, and aims to prevent and mitigate cyber threats by establishing a comprehensive ICT risk management framework for the EU financial industry. The new EU regulation seeks to ensure that financial institutions and critical ICT providers advance their cybersecurity and operational processes to safeguard their key systems, enhancing the industry’s operational resilience.

In Part 1, the existing global regulations around IoT were introduced. In this part, the challenge of complying with these rules is examined.

The quality of malicious ads has improved immensely, making it harder for users to distinguish between what’s real or fake.

A newly discovered spyware tool named MerkSpy is targeting users in Canada, India, Poland, and the U.S., exploiting a patched security flaw in Microsoft MSHTML. This campaign, identified by Foresiet researchers, highlights the critical need for vigilant cybersecurity practices, including stolen credentials detection, darknet monitoring services, and digital footprint analysis. Attack Overview The attack begins with a Microsoft Word document disguised as a job description for a software engineer.

A widespread ransomware attack has brought thousands of car dealerships across the United States to a halt. The incident, attributed to the BlackSuit ransomware gang, targeted CDK Global, a software provider essential to the operations of numerous car dealerships. This breach underscores the critical need for robust cybersecurity measures such as stolen credentials detection, darknet monitoring services, and digital footprint analysis.

While the Fourth of July is typically considered a day of celebration for those in the U.S., many don’t realize it’s also a period of heightened risk. In fact, this isn’t unique to the Fourth of July: holidays often see an uptick in cybersecurity threats. With the Fourth of July nearly upon us, let’s examine why this happens and how you can protect yourself and your business.

Blockchain technology, renowned for its decentralized and immutable nature, promises enhanced security for various applications. However, like any technology, it is not without vulnerabilities. This in-depth examination explores the security aspects of blockchain, identifies common vulnerabilities, and outlines the measures needed to secure blockchain applications effectively.

No, you don’t have to change your password every 90 days. This idea of regularly changing your password is known as password rotation. The main benefit of changing your passwords so often is to prevent unauthorized users from accessing private information. For personal accounts, changing your passwords every 90 days can actually end up being worse than keeping them the same.

As the NIS2 Directive reshapes the cybersecurity landscape across Europe, a key focus for organisations is understanding and managing their critical suppliers. The directive mandates heightened scrutiny and tighter controls around these essential entities, underscoring their importance in your overall cybersecurity strategy. But the pivotal question remains: How do you determine who qualifies as a 'critical supplier'?

ONNX Store targets the financial industry, Boolka delivers the BMANAGER trojan via SQLi attacks, and SneakyChef deploys SpiceRAT and SugarGh0st.