Infosec stories - Page 25

Nike is probing a suspected cyberattack after a hacker group claimed to leak 1.4TB of internal data, raising supply chain security fears.

Fortinet has upgraded FortiCNAPP with network, data and runtime signals to sharpen cloud risk scoring and cut alert overload for security teams.

As hybrid IT sprawl fuels blind spots and AI-driven attacks, experts say only a zero trust, hybrid mesh rethink can secure modern networks.

Genetec issues privacy rules for physical security data, urging clear limits, encryption and ongoing cyber defence for surveillance systems.

Keeper rolls out a zero-trust Slack integration, turning chat-based approvals into governed workflows while keeping enforcement in Keeper Vault.

Okta warns new real-time vishing kits can hijack browser sessions during calls, tricking users into defeating non‑phishing‑resistant MFA.

New UK cyber bill pushes critical sectors towards continuous offensive security testing as state-backed and criminal threats intensify.

Cyderes appoints Lana Knop as Chief Product Officer to steer post‑Lucidum product strategy and drive a new wave of AI‑powered security services.

Check Point launches AI-ready Exposure Management to plug remediation gaps, unifying threat intelligence, prioritisation and automated fixes.

SonicWall launches unified automation tools to cut alert fatigue, speed cyber threat remediation and streamline overstretched security teams.

Phishing campaign uses stolen logins and trusted RMM tools like GoTo Resolve and LogMeIn to quietly maintain access to corporate systems.

Cohesity has expanded its Identity Resilience tools to detect, block and rapidly undo attacks on hybrid Active Directory and Entra ID.

AppOmni study finds average SaaS breach costs USD $1.365m, as customers report big time savings, fewer audit issues and faster detection.

Data Privacy Day shifts focus from policy to proof, as firms embed control, resilience and design into complex hybrid data estates.

New global survey warns a widening 'complexity gap' leaves AI-driven, multi-cloud environments outpacing organisations' security defences.

Misconfigured cloud training labs on AWS, Google Cloud and Azure expose major firms to live attacks via overly permissive access roles.

Major firms are leaving known, actively exploited cyber flaws unpatched for six months or more, sharply heightening breach risks.

Politically themed LOTUSLITE phishing campaign hits US policy bodies, using DLL sideloading and espionage-focused backdoor tactics.

Bitdefender warns of a global surge in fake job emails posing as Amazon, Carrefour and the NHS, stealing data, money and account logins.

CrowdStrike cites a Forrester study claiming 273% ROI and USD $5m in three-year benefits from consolidating legacy endpoint security.