The Information Commissioner’s Office (ICO) has criticised law firm DPP for security failures that led to a serious cyber attack resulting in the theft of 32GB of sensitive personal information. A poorly protected administrator account was exploited in this breach. ICO’s Director of Enforcement and Investigations, Andy Curry, stressed the need for strong cybersecurity measures and highlighted data protection as a legal obligation. The ICO provides guidance on security and reporting data breaches in their recent report.
IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems
A security assessment by Shelltrail revealed three critical vulnerabilities in the IXON VPN client, allowing privilege escalation on Windows and Linux. Identified as CVE-2025-ZZZ-01, CVE-2025-ZZZ-02,
%20CISO%E2%80%99s%20Core%20Focus.webp?w=0&resize=0,0&ssl=1 "Identity and Access Management (IAM)")