Articles about cybersecurity

Not quite how The Killers put it, but a new report shows Human workers remain the most consistent point of attack for cybercriminals, with shadow IT and AI-driven social engineering providing attackers with both new tools and new targets.

The 2025 Global Threat Intelligence Report from Mimecast reveals key trends, including the rise of smarter, AI-powered phishing and social engineering cyberattacks, and threat groups increasingly using trusted services to evade detection and reach targets. Mimecast’s analysis finds that phishing accounts for 77 percent of all attacks up from 60 percent in 2024 with attackers likely leveraging more AI tools.

Continue reading →

Many of the recent wave of high-profile cyberattacks can be traced back to the theft of a single set of credentials which have allowed the attacker to access and move within a corporate network.

A new report from Flashpoint looks at the rise of large-scale information-stealing malware campaigns and how ‘infostealer’ malware has been a key enabler, responsible for the theft of over 1.8 billion corporate and personal email accounts, passwords, cookies, and other sensitive data.

Continue reading →

A new report reveals a 40 percent (quarter-over-quarter) increase in evasive, advanced malware. The data highlights encrypted channels as adversaries' favored attack vector using Transport Layer Security (TLS), the encryption protocol behind most secure web traffic.

The study from WatchGuard Technologies, which provides cybersecurity for MSPs, shows 70 percent of all malware is now delivered via encrypted connections, the findings highlight attackers’ increasing reliance on obfuscation and stealth, and the need for organizations to improve visibility into encrypted traffic and adopt flexible protection strategies.

Continue reading →

The frequency of ransomware attacks has dropped from eight incidents per organization to five or six incidents in the last year, but at the same time the average ransomware payment has surged by more than a million dollars, from $2.5M to $3.6M.

A new Global Threat Landscape report from ExtraHop, based on research by Censuswide, finds threat actors are shifting away from broad, indiscriminate attacks to a more targeted approach that yields better results.

Continue reading →

A new survey finds 60 percent of surveyed UK and US cybersecurity leaders now admit that security risks originating from third parties and supply chain partners are ‘innumerable and unmanageable.’

The study from IO (which used to be ISMS online) shows 97 percent of cybersecurity leaders say they’re confident in their breach response, with 61 percent describing themselves as ‘very confident.’ Yet, that confidence contrasts dramatically with 61 percent of leaders who say their organization has suffered a third-party or supply chain attack in the past 12 months.

Continue reading →

Among all of the various forms of cyberattack phishing attempts delivered by email are still one of the most common.

What’s more AI is making these attacks more effective, because you can no longer rely on looking out for dodgy grammar or other signs that a message may not be what it seems.

Continue reading →

Artificial intelligence is transforming the way that many areas of business operate. But with the benefits also come new risks to corporate data.

We spoke to Rohan Sathe, CEO and co-founder of Nightfall AI, to find out how AI risks exposing sensitive information and what companies can do to protect themselves.

Continue reading →

New data from BlackFog shows publicly disclosed ransomware attacks continued to set new records in the third quarter of this year, with 270 attacks -- a 36 percent increase compared to the same quarter in 2024 (198 attacks). This also represents a 335 percent increase since Q3 2020, underscoring the continued rise in attacks over the last five years.

Between July and September, publicly disclosed attacks were attributed to 54 ransomware groups. As in Q2, the Qilin ransomware gang was the most active, responsible for 20 incidents during the period. Notably, approximately 40 percent (107) of reported attacks have not yet been attributed to any known ransomware group.

Continue reading →

New research looking at high pressure extortion scams reveals that Gen Z is being particularly impacted by AI-powered threats. All mobile users are at risk, however, with one in three having been targeted by an extortion scam, often threatening to expose pictures or browsing history, and nearly one in five falling victim.

The research from Malwarebytes shows a distinct target profile for extortion. 69 percent of victims and 64 percent of targets are Gen Z or Millennial (compared 52 percent of victims and 40 percent of targets of other types of scams). 65 percent of victims and 60 percent of targets are male (vs. 48 percent/45 percent)

Continue reading →

Scams and fraud are an ever present threat on the internet and the rise of AI means that they’re getting harder to spot with the old giveaways of bad grammar and dodgy attachments largely eliminated.

Google is announcing a range of new tools and initiatives to help people remain safe online. These include improved app features, new account recovery tools and better education and awareness programs.

Continue reading →

The latest OS Malware Index from Sonatype shows a 140 percent surge in open source malware as attackers target data and trusted dependencies.

The index is compiled from analysis of 34,319 open source malware packages discovered by Sonatype across major open source registries including npm, PyPI, Hugging Face, and more. This quarter’s count brings the total number of malicious packages Sonatype has discovered to 877,522 since 2019.

Continue reading →

However good your defenses, cyberattacks can still happen. However, in many cases, the aftermath can be worse than the attack itself, as enterprises struggle to calm nerves and reassure staff, customers, and shareholders.

We spoke with Daniel Tobok, CEO of incident response specialist CYPFER, to discuss how organizations can recover from a cyberattack and why the leadership's response is vital.

Continue reading →

A new study of over 1,000 US parents with children at home between the ages of two and 20 finds that 35 percent of families have experienced a phishing scam via text, email or chat, and 25 percent have had a game or social media account hacked.

The report from Bitwarden finds that children as young as three to five are already using the internet, and 42 percent of parents in this age group say their child has unintentionally shared personal information. Nearly 80 percent of kids ages three to 12 have their own tablet, making device access nearly universal by early elementary school.

Continue reading →

A new study from fraud prevention specialist Fingerprint finds 41 percent of over 300 fraud and technology leaders surveyed say their organizations are already facing AI-powered attacks.

These sophisticated threats, which range from generative AI phishing schemes to automated bot attacks, are creating a significant operational crisis. According to the report, 93 percent of fraud teams have seen noticeable operational impacts, with 38 percent of organizations citing higher costs from manual review and triage as a top business concern.

Continue reading →

Cybercrime has become a global epidemic, with costs soaring across sectors and borders. But who’s paying the price and how has that changed since the turn of the century?

Researchers from vpnMentor have analyzed 25 years of FBI Internet Crime Complaint Center (IC3) data along with a review of major global incidents to discover the cost of cybercrime and how it’s evolving.

Continue reading →