Saturday , April 19 2025

Asia-Pacific NGOs Lack Basic Cyber Controls, Finds Survey

Rising worries about the digital security of nongovernmental organizations in the Asia-Pacific region haven’t translated into robust adoption of basic measures, shows data from a survey of more than 1,500 regional NGOs.

Infoxchange, an Australian IT consultant for social issue organizations, said only about 4 in 10 NGOs have enabled multifactor authentication and that only 2 in 10 provide cybersecurity training to staff. Of the 1,589 NGOs across the region that participated in an Infoxchange survey, 1 in 6 disclosed experiencing a cybersecurity incident during the past year. One-third of Indonesian organizations reported experiencing an incident.

CVE-2025-2492
ASUS warns of critical auth bypass flaw in routers

Hackers can exploit a vulnerability in Asus routers to execute unauthorized functions. This serious issue, rated 9.2 out of 10,...
Read More
CVE-2025-2492  ASUS warns of critical auth bypass flaw in routers

16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new technique called "symlink". This number...
Read More
16,000+  Fortinet devices compromised with symlink backdoor, Mostly in Asia

Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

A critical security flaw has been found in the Erlang/Open Telecom Platform (OTP) SSH implementation, allowing an attacker to run...
Read More
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

CISA warns of increasing risk tied to Oracle legacy Cloud leak

On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy Oracle Cloud servers, emphasizing the...
Read More
CISA warns of increasing risk tied to Oracle legacy Cloud leak

CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App

Cisco issued a security advisory about a serious vulnerability in its Webex App that allows unauthenticated remote code execution (RCE)...
Read More
CVE-2025-20236  Cisco Patches Unauthenticated RCE Flaw in Webex App

Apple released emergency security updates for 2 zero-day vulns

On Wednesday, Apple released urgent operating system updates to address two security vulnerabilities that had already been exploited in highly...
Read More
Apple released emergency security updates for 2 zero-day vulns

Oracle Released Patched for 378 flaws for April 2025

On April 15, 2025, Oracle released a Critical Patch Update for 378 flaws for its products. The patch update covers...
Read More
Oracle Released Patched for 378 flaws for April 2025

CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Check Point Research warns of the active exploitation of a new vulnerability, CVE-2025-24054, which lets hackers leak NTLMv2-SSP hashes using...
Read More
CVE-2025-24054  Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Bengaluru firm got ransomware attack, Hacker demanded $70,000

Bengaluru's Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000...
Read More
Bengaluru firm got ransomware attack, Hacker demanded $70,000

MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

MITRE Vice President Yosry Barsoum warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness...
Read More
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

NGOs can attract hackers for motives that include espionage, ideological opposition and plain theft of donor information. Cybersecurity firm Recorded Future in August said it had spotted a multiyear campaign by a Chinese state-sponsored group it dubbed RedAlpha targeting humanitarian organizations, think tanks and government agencies. The hackers displayed a particular interest in organizations located in Taiwan.

The World Economic Forum in a January 2022 report concluded that NGOs are easy targets for ransomware extortionists since they often lack funding for robust cyber defense. “The lack of funding makes it challenging for many organizations to recruit talented practitioners and implement much needed cybersecurity road maps.”

NGOs may also view cybersecurity as an overhead expense that should be kept down as much as possible given the imperative to spend donors’ money on fulfilling the mission.

Infoxchange’s survey shows Asia-Pacific NGOs taken together spend 3.4% of their operational expenditures on IT, and the foremost IT priorities for most of these organizations are website improvements, along with boosting social media and digital marketing and improving the digital capabilities of staff.

Just 35% of NGO decision-makers in the Asia-Pacific region treat the improvement of data protection and information security practices as a top priority, the survey found. Infoxchange CEO David Spriggs said these figures highlight “the urgent need to prioritize cybersecurity practices and invest in the necessary training and infrastructure to protect sensitive data.”

Check Also

Australian Cyber Security Centre Alert for Fortinet Products

The Australian Cyber Security Centre (ACSC) has alerted technical users in both private and public …

Leave a Reply

Your email address will not be published. Required fields are marked *