News

Sophos achieves its best-ever results in the MITRE ATT&CK Enterprise 2025 Evaluation

Bys s December 10, 2025

A major milestone: Sophos XDR delivers 100% detection coverage in the latest ATT&CK Evaluation.

News

It’s 2026, but hospitals still haven’t prevented snooping in celebrities’ records
Bys s February 12, 2026

DataBreaches is not on TikTok and, being something of a dinosaur, never heard of “Josh and Jase” before. But no patient should have their privacy violated the ways Josh’s was. What happened to “break the glass?” What happened to all the software and auditing protections to prevent hospital employees from snooping on celebrity patients’ records?……

Read More It’s 2026, but hospitals still haven’t prevented snooping in celebrities’ records
News

UK: HMRC sacks dozens of staff for snooping on taxpayers
Bys s August 16, 2025

Neil Shaw reports: HM Revenue and Customs (HMRC) has revealed that hundreds of staff have accessed the records of taxpayers without permission or breached security in other ways. HMRC dismissed 50 members of staff last year for accessing or risking the exposure of taxpayers’ records, according to The Telegraph. 354 tax employees have been disciplined for……

Read More UK: HMRC sacks dozens of staff for snooping on taxpayers
News

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Bys s March 17, 2026

Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. In a report published Monday, BeyondTrust revealed that Amazon Bedrock AgentCore Code Interpreter’s sandbox mode permits outbound DNS queries that an attacker can exploit to enable interactive shells

Read More AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
News

PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
Bys s February 19, 2026

Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots,

Read More PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
News

UK Court of Appeal Rules on the Concept of Personal Data in the Context of Data Security
Bys s February 27, 2026

Sam Jungyun Choi, Jadzia Pierce, and Paul Maynard of Covington and Burling write: On February 19, 2026, the UK Court of Appeal handed down its decision in DSG Retail Limited v The Information Commissioner [2026] EWCA Civ 140. The Court ruled that a controller’s data security duty applies to all personal data for which it acts as……

Read More UK Court of Appeal Rules on the Concept of Personal Data in the Context of Data Security
News

Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
Bys s February 11, 2026

Intentionally vulnerable training applications are widely used for security education, internal testing, and product demonstrations. Tools such as OWASP Juice Shop, DVWA, Hackazon, and bWAPP are designed to be insecure by default, making them useful for learning how common attack techniques work in controlled environments. The issue is not the applications themselves, but how they…

Read More Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments

Similar Posts