Ian Barker

The latest Cyber Threat Intelligence Report from Hoxhunt looks at the quantity and quality of threats that bypass firewalls and email filters.

It finds attackers are improving their techniques to create more credible threats which are more likely to slip past defenses. Phishing techniques are improving with cleaner language, more convincing formatting and more believable workflow mimicry.

Security analysts want to capture more events in order to spot threats earlier which requires more detection rules. But doing so risks driving up alert volumes leading to issues with alert fatigue.

The solution is automation which can be used to increase the throughput of alerts and the threat intelligence around these, creating a ‘paranoid’ form of posture management. We talked to Martin Jakobsen, CEO of Cybanetix, to learn more about how this works.
 
BN: What is ‘paranoid posture management’? What does this mean in practice, and how does automation help enable it?
 
MJ: A massive problem for security monitoring is that Security Operation Centres (SOCs) can become overwhelmed by the sheer volume of alerts, as a consequence of which a lot of SOCs end up either ignoring or tuning out low severity alerts. The ideal scenario is to have a big red alert when you have a breach, but the reality is that attackers will make initial forays, and that those telltale signs will be missed. If you’re only looking for the obvious indicators of a breach, incident response is already caught on the back foot.

A new study reveals the extent to which medical professionals’ personal information is publicly available online, leaving them vulnerable to stalking and other forms of threats.

The report from data privacy and personal data removal service Incogni looks at 768 medical department heads from major US hospitals to see what personal information is publicly accessible and shows some concerning results.

Modern social engineering attacks no longer begin and end in the email inbox. They move across identity platforms, SaaS tools, and collaboration apps, exploiting gaps between disconnected security products, and employing increasingly sophisticated techniques to evade traditional defenses and reach end users.

To address these threats AI cybersecurity specialist Darktrace is launching a series of enhancements to Darktrace / EMAIL designed to detect and stop attacks spanning communications channels, strengthen outbound email protections and streamline SOC integrations.

Spreadsheets are essential to modern businesses, used to plan budgets, manage inventory, supervise members, and organize proprietary data. But organizations are becoming increasingly concerned that these tools can leave their internal data exposed to surveillance, tracking, and AI training.

This why Proton is launching Proton Sheets, an easy-to-use private spreadsheet that lets teams collaborate while keeping control of their data.

Previously, a single dominant group tended to define the cybercrime landscape. Now, several actors sustain large-scale operations, with the number of distinct actors nearly tripling from 33 to 89 since 2020.

The latest Security Navigator report from Orange Cyber Defense shows that in Europe, victims of Qilin and Akira have risen by 324 percent and 168 percent respectively.

Most organizations lack the monitoring capabilities and governance policies needed to mitigate risks posed by shadow AI according to a new report.

The survey, of 600 IT leaders across North America, EMEA, and APJ, from Cato Networks finds that while 61 percent of respondents found unauthorized AI tools in their environments, only 26 percent have solutions in place to monitor AI usage. Nearly half (49 percent) of the respondents either don’t track AI usage at all or address AI on a reactive basis.

Organizations face massive mobile security vulnerabilities as they increasingly embrace BYOD and hybrid strategies. At the same time traditional mobile security tools are failing to mitigate these risks while also compromising employee privacy.

A new report from secure virtual mobile infrastructure firm Hypori, based on a survey of 1,000 global security, risk, mobility, and BYOD decision-makers, finds 92 percent of security and risk leaders are facing challenges in zero trust implementation.

Only six percent of enterprise AI leaders say their data infrastructure is fully ready for AI according to a new report from CData Software.

The research exposes a divide in AI preparedness. 60 percent of companies at the highest level of AI maturity have also invested in advanced data infrastructure, while 53 percent of organizations struggling with AI implementations are hampered by immature data systems. The gap is costing companies time, money, and competitive advantage.

Many organizations are running SQL Server across Windows, Linux, containers, and Kubernetes. Obviously there are advantages if that environment can be unified into a single data estate, but doing so presents a number of challenges.

We spoke to Don Boxley, CEO and co-founder of DH2i, to look at the problems involved and how to address them.

Cybersecurity company Surfshark has reviewed popular file-sharing platforms and finds that the majority of them don’t scan your files for viruses, nor do they protect you from malicious software on their free plans.

Box and WeTransfer, which together have a total of 138 million registered users, do not scan for viruses on free plans but begin scanning files on paid plans. Dropbox, with 700 million registered users, does not offer scanning at all.

New research finds just two percent of organizations with 500+ employees report having no plans or interest in agentic AI. Indeed a significant portion of respondents are already using or interfacing with AI agents for both internal and external tasks.

But the study, from Enterprise Management Associates (EMA), reveals a critical, organization-wide inability to prepare for the identity and security challenges which these autonomous entities introduce.

A growing sense of unease is gripping boardrooms as 88 percent of cybersecurity and information security leaders surveyed at UK and US organizations now express concern about state-sponsored cyberattacks.

The research from IO shows organizations are increasingly aware of the strategic nature of cyber risk and that the geopolitical threat is increasing, with 33 percent of organizations surveyed concerned about an expanded threat landscape targeting their own systems.

Modern security operations centers (SOCs) face a perfect storm of complexity: growing alert volumes, fragmented tools, and pressure to respond faster than ever.

Intelligent operations platform Sumo Logic is announcing new advancements to Dojo AI, its enterprise-grade agentic AI platform for security operations to help security teams reduce alert fatigue, accelerate investigations, and streamline security workflows.

In an era where cyber threats are evolving faster than ever, organizations can no longer rely solely on reactive defences. Offensive security, once a niche practice, is now a strategic imperative.

To better understand this shift, we spoke with Scott Reininga, CEO of Reversec, a cybersecurity firm at the forefront of offensive security innovation. He explains why offensive security is becoming essential, how it differs from traditional methods, and what organizations can do to adopt a more proactive stance.