Articles about cybersecurity

New research from Comparitech, based on data from its worldwide ransomware tracker, finds a 30 percent rise in ransomware attacks on healthcare businesses in the first nine months of 2025.

It recorded 293 ransomware attacks on hospitals, clinics, and other direct care providers -- a similar number to 2024 -- but there were a further 130 attacks on businesses operating within the healthcare sector, such as pharmaceutical/medical manufacturers, medical billing providers, and healthcare tech companies.

Continue reading →

A new report from Cork Protection looks at the security challenges facing small and medium-sized businesses (SMBs), backed up by comment from a range of industry leaders. Challenges include an asymmetric threat landscape, defined by the misuse of artificial intelligence and relentless exploitation of human vulnerabilities.

Among the findings are that AI-powered adversaries are launching automated, sophisticated campaigns at unprecedented scale. Also the financial fallout of a breach now extends far beyond ransom, often resulting in business-ending costs.

Continue reading →

A shortage of skilled cyber professionals is leading to critical security roles being unfilled at a time when they are needed most, according to a new skills gap report from Fortinet.

Organizations are turning increasingly to AI to strengthen their cybersecurity postures and fill gaps, but they also acknowledge that AI may be used against them as an engine of new or improved cyberattacks, especially given the lack of AI skillsets across teams.

Continue reading →

A new report exposes a disconnect between rapid API adoption and immature security practices, which threatens the success of critical AI and automation initiatives.

The study from Salt Security, based on responses from over 380 professionals tasked with managing APIs, finds 80 percent of organizations lack continuous, real-time API monitoring, leaving them blind to active threats targeting AI agents.

Continue reading →

Security Operations Centers are inundated with thousands of alerts each day, most of which are false positives or low-severity issues. This flood of noise leads to alert fatigue, forcing SOC analysts to waste valuable time on false alarms instead of focusing on genuine threats.

A new study from Dropzone AI looking at SOC analyst performance across 148 security analysts shows that AI can improve effectiveness. AI assisted investigations were 22–29 percent more accurate than those in the unassisted control group. 

Continue reading →

A report released today finds that approximately 60 percent of businesses are using three
or more secure sockets layer (SSL) providers and suggests a lack of centralized processes for SSL certificate management.

The study from domain security company CSC analyzed usage trends and patterns for more than 802,000 digital certificates linked to 2.4 million domains. It finds domain validated (DV) certificates account for three-quarters (73.4 percent) of certificates while organization validation (OV) certificates represent nearly a quarter (24.6 percent). Extended validation (EV) certificates account for less than two percent (1.9 percent).

Continue reading →

A new global study of over 800 senior IT leaders reveals the concerns of IT leaders as they struggle with the rising complexity of recovery planning to cope with the aftermath of cyberattacks.

The survey from infrastructure specialist 11:11 Systems finds that 82 percent of respondents have experienced at least one significant cyberattack, while 57 percent endured two or more attacks within the past year.

Continue reading →

The Scattered Spider group seems to have switched from high-profile attacks on UK retailers to new campaigns targeting the insurance sector. The group has recently been linked to ransomware incidents affecting US-based Philadelphia Insurance and Erie Insurance, which operates in both the UK and the US.

We spoke to Danny Howett, technical director at global cybersecurity consultancy CyXcel, to discuss why insurance is such an attractive target and some practical steps insurers can take to shore up their defences against increasingly organised cybercriminals.

Continue reading →

October is Cybersecurity Awareness Month designed to raise awareness of the ways people can protect themselves online. To mark this ESET has launched a free Cybersecurity Awareness Kit.

This includes a new and improved version of its free ESET Basic Cybersecurity Awareness Training along with access to ESET’s 2025 H1 Threat Report, and a free 30-day business trial of ESET’s full-featured security solution.

Continue reading →

Modern enterprises are more than ever reliant on data. But that makes understanding how that data is generated, transmitted, changed and used over time -- its lineage, vitally important.

We spoke to Saurabh Gupta, chief of strategy, revenue and growth at The Modern Data Company, to discuss how proactive, context-rich systems of record enable organizations to accelerate, maintain trust, and strategically utilize data.

Continue reading →

Virtual Private Networks (VPNs) are trusted by millions to protect privacy, secure communications, and enable remote access on their mobile device. But what if the apps designed to safeguard your data are not secure?

Analysis by Zimperium zLabs of 800 free VPN apps for both Android and iOS reveals that the threat is real and widespread.

Continue reading →

A new study of 500 US IT and cybersecurity staff reveals that 84 percent report feeling uncomfortable levels of stress at work due to IT security risks, while 78 percent fear they will be personally blamed for security incidents.

The report from Object First exposes a gap in how organizations support their IT staff, highlighting the opportunity to provide mental health resources and less complex security technology to help reduce stress as cyber threats continue to rise.

Continue reading →

A new report from Illumio, based on a survey of over 1,100 IT and cybersecurity decision makers, finds that almost 90 percent of leaders have detected a security incident involving lateral movement within the past 12 months.

Each incident involving lateral movement resulted in a global average of over seven hours of downtime. Alert fatigue, along with limited and fragmented visibility, especially across hybrid environments, are two of the top challenges to detecting lateral movement.

Continue reading →

A new survey of more than 1,400 education leaders across primary, secondary and higher education in the UK and US finds that while AI is already integrated into classrooms and faculty work, development of policies and protections needed to manage new risks in schools is lagging.

The study from Keeper Security shows 41 percent of schools have experienced AI-related cyber incidents, including phishing campaigns and misinformation, while nearly 30 percent reported instances of harmful AI content, such as deepfakes created by students.

Continue reading →

The rapid adoption of artificial intelligence (AI) is transforming both attack and defense according to a report released today by crowdsourced security platform HackerOne.

It finds that organizations have expanded their AI program adoption by 270 percent this year, while HackerOne’s platform reported a 540 percent surge in prompt injection vulnerabilities to make them the fastest-growing threat in AI security.

Continue reading →