Articles about cybersecurity

The idea of security graphs was floated last year by Microsoft to make it easier to identify risks across networks.

Today Illumio is one of the first to make commercial use of this idea with the launch of Illumio Insights, the industry's first cloud detection and response (CDR) solution powered entirely by an AI security graph.

Continue reading →

The latest State of Pentesting report from Cobalt reveals that organizations are fixing less than half of all exploitable vulnerabilities, with just 21 percent of GenAI app flaws being resolved.

It also highlights a degree of over-confidence with 81 percent of security leaders saying they are 'confident' in their firm's security posture, despite 31 percent of the serious findings discovered having not been resolved.

Continue reading →

Today is World Quantum Day -- which probably means that it simultaneously both is and isn't. Seriously though, we're used to hearing dire warnings about how quantum computing threatens encryption and private communication, but of course it can also be part of the solution.

A new alliance between Partisia, a leader in multiparty computation (MPC), Squareroot8, a provider of quantum-safe communication solutions and NuSpace, a company specializing in IoT connectivity services and Satellite-As-A-Service wants to place a Quantum Random Number Generator (QRNG) on a satellite in space.

Continue reading →

Initial access brokers (IABs) are the invisible engine of modern cybercrime. They don't execute ransomware attacks, but they do enable them.

Research from Check Point External Risk Management (formerly Cyberint) shows that IABs are increasingly targeting smaller businesses, with 60.5 percent of listings targeting SMBs (companies with $5M - $50M revenue), representing a new 'sweet spot' for attackers.

Continue reading →

Organizations are increasingly faced with complex DDoS attacks that disrupt operations, increase latency, and compromise network security.

Security solutions company Gcore is launching 'Super Transit', which is not a big van but a cutting-edge DDoS protection and acceleration feature, designed to safeguard enterprise infrastructure while delivering lightning-fast connectivity.

Continue reading →

A new report from WatchGuard Technologies shows a 94 percent increase in network-based malware detections in the last quarter of 2024.

There’s also been an increase in overall malware detections including a six percent increase in Gateway AntiVirus (GAV) detections and a 74 percent increase in Advanced Persistent Threat (APT) Blocker detections, the most significant rises came from proactive machine learning detection offered by IntelligentAV (IAV) at 315 percent.

Continue reading →

Ransomware attacks reached a historic high in the first quarter of this year, with 2,063 victims reported, a 102 percent increase compared to the previous year.

The report from GuidePoint Security also records a record high number of active threat groups, with 70 identified in Q1, reflecting a 55.5 percent year-on-year rise.

Continue reading →

New findings from threat protection platform BlackFog show the first quarter of 2025 has seen record-breaking numbers of publicly disclosed ransomware attacks, marking a 45 percent increase compared to Q1 of 2024.

Analysis of ransomware activity in the period from January to March saw records set each month. Both January and February set new monthly records for disclosed attacks, with increases from 2024 of 22 percent and 36 percent, respectively while March recorded the largest number of disclosed attacks since BlackFog began tracking in 2020, with 107 attacks -- an 81 percent increase compared with March 2024.

Continue reading →

New research from Object First shows 81 percent of IT professionals say immutable backup storage built on Zero Trust principles is the best defense against ransomware, and 54 percent view target backup appliances as more secure than integrated appliances.

The report, produced with Informa TechTarget's Enterprise Strategy Group, finds two-thirds of organizations have suffered an attack, and 45 percent experienced multiple attacks. Moreover, 49 percent of affected organizations took up to five business days to recover, and most could not recover all of their data.

Continue reading →

The enterprise device landscape is becoming much more complex and more dangerous, with the average device risk per industry increasing by 15 percent year-on-year.

A new report from Forescout highlights that network-connected devices, from traditional IT operating systems to specialized healthcare systems and OT machinery, are exposing organizations to damaging threats such as ransomware attacks and data exfiltration.

Continue reading →

A new report highlights how growing reliance on digital technologies across Europe, combined with geopolitical tensions and sophisticated threat actors, is creating a perfect storm that could put energy stability at risk and lead to the lights going out.

The study from security awareness training platform KnowBe4 shows the average number of cyberattacks against utilities more than doubled between 2020 and 2022. Specifically across Europe, cyber threats to the energy sector have surged, driven by an epidemic of under-reporting and lack of detection, with recent attacks disrupting operations, compromising sensitive data, and highlighting the urgent need for stronger cybersecurity measures.

Continue reading →

Despite still being in its infancy, it would be hard to overstate the impact that AI has already had on the cybersecurity landscape.

Not only has AI made it infinitely easier and faster to develop a wide range of traditional attacks -- such as phishing, business email compromise and malware -- it has also opened the door to novel strategies and threats. Worse yet, they allow threat actors to develop significantly more targeted and sophisticated attacks, regardless of their knowledge level or skill.

Continue reading →

According to a new report, 73 percent of IT decision-makers globally are concerned about nation-state actors using AI to develop more sophisticated and targeted cyberattacks.

The study from Armis warns that AI-powered cyberwarfare attacks are now becoming a supercharged cyber weapon and urges organizations to immediately close the divide between current cybersecurity programs and future proactive preparation as threats will increase.

Continue reading →

As organizations increasingly rely on third-party vendors, open-source components, and cloud services to bolster efficiency and scalability, they also open themselves to risks.

Historically they've relied on CVSS scores to measure the severity of risks, but a new report from Black Kite suggests that this method alone is not enough.

Continue reading →

Google is once again leaning into its Gemini brand, this time with a focus on cybersecurity. You see, the search giant has announced Sec-Gemini v1, an experimental new AI model. It is designed to help security professionals fight back against cyber threats using real-time data and advanced reasoning. Because AI makes everything better, right?

Look, folks, attackers only need to get lucky once, while defenders have to be right every time. That unfortunate imbalance has made cybersecurity a nightmare for many organizations. Google is hoping AI might change that, giving defenders a slight edge.

Continue reading →