As organizations increasingly rely on mobile devices for business operations, including multi-factor authentication and mobile-first applications, mobile phishing poses a severe risk to enterprise security.

New research from Zimperium's zLabs shows a surge in mobile-focused attacks, dubbed 'mishing', activity peaking in August 2024 with over 1,000 daily attack records. These attacks are specifically designed to evade desktop security measures, executing only on mobile devices.

Only a third of cybersecurity professionals would recommend their employer according to a new study carried out by IANS Research in collaboration with Artico Search.

It finds low satisfaction coincides with perceptions of limited career growth, with fewer than 40 percent of respondents satisfied with their advancement opportunities and more than 45 percent expressing frustration over slow progression. While compensation remains a factor, the ability to develop new skills and advance within an organization has a greater impact on retention.

AI adoption is gaining momentum in the public sector as elsewhere, with benefits like predictive analytics and issue detection, but concerns still linger.

Around four in 10 respondents to a new study by SolarWinds, focused on public sector staff, say they are extremely or very concerned about potential risks associated with adopting AI, such as data privacy and compliance, making full-scale implementation a cautious process.

Microsoft is moving closer to quantum computing supremacy with the arrival of its new Majorana 1 chip, a development which could potentially have a far-reaching impact on cybersecurity. While the Windows-maker touts this as progress, the reality is far more concerning. The encryption that protects banking transactions, government data, and personal communications could soon be worthless.

Microsoft's advancement comes down to Microsoft’s new topoconductor material, which enables a type of quantum computing that scales far beyond anything possible today. “We took a step back and said ‘OK, let’s invent the transistor for the quantum age. What properties does it need to have?’” said Chetan Nayak, Microsoft technical fellow. “And that’s really how we got here -- it’s the particular combination, the quality and the important details in our new materials stack that have enabled a new kind of qubit and ultimately our entire architecture.”

Ransomware is continuously on the rise. Despite multiple major law enforcement actions against ransomware groups over the past year, there has been a significant increase in ransomware attacks between 2023 and 2024. Interestingly enough, there was also a tracked 35 percent drop in ransomware payments in 2024, but it is clear that this is not stopping ransomware attacks from continuing as threat actors are finding other ways to monetize the data they’re stealing.

To combat this rise, cyber security measures within organizations need to be improved at every level, especially as the threat landscape grows even more complex. This past year has shown us that the importance of careful third-party vendor collaboration particularly must not be overlooked. With that said, there are a few considerations that need to take priority as 2025 progresses.

A new report from Darktrace reveals that Malware-as-a-Service (MaaS) is now responsible for 57 percent of all cyber threats to organizations, a 17 percent increase from the first half of 2024.

The use of remote access trojans (RATs) has also seen a significant increase in the latter half of last year, representing 46 percent of campaign activity identified, compared to only 12 percent in the first half.

Increased use of open source and third-party code leaves organizations open to more attacks on the software supply chain.

Open source vulnerabilities have become a prime target for attackers and organizations need to strengthen their defenses. We spoke to Richard Clark, senior solutions architect at JFrog, to discuss the importance of proactive measures in protecting against these threats.

A new report from Fortanix finds that 97 percent of companies block or restrict GenAI usage, and 89 percent of the respondents believe that such controls on usage are successful.

However, the same report -- based on a survey of 1,000 executives -- reveals that 95 percent of professionals use some form of AI, and 66 percent of respondents use GenAI for work, with 64 percent using personal email accounts to access the tools.

Around a third of web users say they would like to delete themselves from the internet, with people in the US and Canada being at the top of the list.

Research from cybersecurity company NordVPN and personal data removal service Incogni, finds that worldwide 45 percent of people are worried about being hacked, one of the key reasons for wanting to take themselves off the web.

The cybersecurity landscape is constantly evolving and organizations need to stay up to date if they're to adequately protect themselves.

At the end of last year, O'Reilly released its 2024 State of Security survey, which analyzes the threats that concern frontline practitioners most, the projects they're implementing to safeguard systems and infrastructure, the skills companies are hiring for, and more.

Analysis of data logged by the Barracuda Managed XDR Security Operations Center shows ransomware threats have increased by four times over the last year.

In 2024, Barracuda Managed XDR logged 11 trillion IT events -- 350,000 per second. Just over a million were flagged as a potential risk and of these, 16,812 were identified as high-severity threats that required immediate defensive action. That’s a small percentage but highlights the need for powerful engines, analysis tools and human expertise to detect them.

New research finds that 47 percent of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network.

The study, carried out by the Ponemon Institute for Imprivata, also shows 64 percent of respondents believe these types of third-party data breaches will either increase or remain at alarmingly high levels over the next 12-24 months.

User-friendly fraud kits that enable amateurs to execute complex attacks against thousands of accounts in minutes are widely available on the dark web according to the latest 2024 Report on Global Identity Fraud from AU10TIX.

FaaS platforms provide all the tools, templates and automation that fraudsters need, including deepfake generators to create synthetic selfies and videos, botnets to automate mass-scale account creation and takeover, and phishing kits for email and web-based scams.

Email remains a vital channel for business communications, but the availability of easy-to-use AI tools makes protecting the inbox a challenge as it's easier than ever for cybercriminals to launch sophisticated attacks.

A new report from Abnormal Security charts the rise of adversarial AI which has seen a 54 percent year-on-year rise in business email compromise attacks.

On the battlefield and in the trenches of entrepreneurship, victory comes to those who dare to think unconventionally and act with precision. As a former Green Beret, I've seen firsthand how the principles of unconventional warfare can translate into the business arena. Both demand team building, strategic thinking, and adaptability in dynamic environments.

Let's break down the seven-phase model of unconventional warfare and see how it can guide a startup from its inception to market dominance.