November 30, 2025

Cyber Intelligence > Articles by: Editorial Team

Critical Qualcomm Zero-Days Exploited in Targeted Android Attacks – June 2nd

In today’s daily roundup: Qualcomm has patched three zero-day vulnerabilities which were actively exploited in targeted attacks against Android devices, Dedge Security has raised €4 million in seed funding to bolster its platform, and PTSD Resolution has teamed up with the Chartered Institute of Information Security to provide trauma therapy services to cybersecurity professionals.

InfoSecurity Europe 2025 focuses on weaponized AI

InfoSecurity Europe 2025, which begins in London today, Tuesday, June 2nd, will this year be dominated by the rapidly growing threat posed by the weaponization of artificial intelligence (AI).

New to the conference is an AI and cloud security stage, which will exhibit ways organizations can counter the threat posed by AI. AI-driven cybersecurity also dominated the recent RSA conference in San Francisco. Over the last 12 months, threat actors haven’t wasted a moment capitalizing on the global fascination with Artificial Intelligence. As AI’s popularity surged over the past year, cybercriminals have been quick to exploit the new technology to carry out cyberattacks on an industrial scale.


AI increasingly used to deliver malware

Many organizations’ ongoing enthusiasm for incorporating artificial intelligence (AI) is leaving them open to sophisticated and carefully planned cyber-attacks. Cybersecurity company Mandiant, a Google subsidiary, has issued an urgent warning for companies to be wary of downloading AI tools from unvetted websites.

US healthcare crisis looms

The US healthcare sector is now reeling from a seemingly never-ending series of cyberattacks. The problem is becoming so dire that there is growing concern that it may even spark a genuine healthcare crisis. The recent ransomware attack on Kettering Health, for example, which operates 14 hospitals and over 120 medical facilities in Ohio, is merely the latest volley in a remorseless wave of cyberattacks on the cash-rich sector.


UK government issues urgent cybercrime warning

The UK government is issuing a warning this week to all companies to make cybersecurity an “absolute priority”, following recent cyberattacks on retailers Marks & Spencer, Harrods, and the Co-op. UK cabinet office minister Pat McFadden is reported to have held a briefing last week with national security officials and the CEO of the National Cyber Security Centre, Richard Horne, aimed at providing support to the three retail groups.


Stealth spyware strikes healthcare sector

Following an investigation by the Federal Bureau of Investigation (FBI), a pharmacist at the University of Maryland Medical Center, Dr. Matthew Bathula, is accused of carrying out a decade-long campaign of cyber-voyeurism. According to local newspaper the Baltimore Banner, Bathula allegedly watched women colleagues in real time, including one while she was home breastfeeding, undressing, and having sex with her husband. Six of the women are suing the hospital for negligence.

Elon Musk Blames ‘Massive Cyberattack’ for Widespread X Outage – March 10th

Social media platform X suffered a major outage on March 10, with tens of thousands of users unable to access the site. Owner Elon Musk blamed the disruption on a “massive cyberattack,” suggesting that a well-funded group or nation-state may have been involved.

The outage, which peaked around 10 a.m. EST, affected both the X app and website, with intermittent service disruptions continuing throughout the day. As frustrated users flocked to alternative platforms like Threads and Bluesky, concerns grew over the security of X’s infrastructure.


Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags – March 7th

AI-driven cyber-attacks are becoming a widespread threat, with 87% of security professionals reporting incidents in the past year, according to SoSafe’s latest cybercrime trends report. Despite the growing concern, only 26% of security experts express high confidence in their ability to detect such attacks.

The World Economic Forum noted a 223% rise in deepfake-related tools on dark web forums between early 2023 and 2024, further fueling concerns. While 91% of experts expect AI-driven attacks to surge over the next three years, nearly all respondents acknowledge the urgency of improving detection capabilities.


Advanced Persistent Threats Rise by 74% in 2024 Report – March 6th

The frequency of Advanced Persistent Threats (APTs) has surged, with Kaspersky’s latest report revealing a 74% increase in such attacks compared to last year. APTs were detected in 25% of organizations, accounting for 43% of high-severity security incidents, highlighting a sharp rise in sophisticated cyber threats.

Kaspersky’s analysis suggests attackers are refining their tactics to bypass security measures, leveraging human-operated techniques rather than automated exploits. The report underscores the growing persistence of APT actors, emphasizing the need for proactive defense strategies across industries.


Companies complacent about AI-generated cyber-attacks

Companies are largely ignorant of the looming threat of increased artificial intelligence (AI) identity theft, despite the fact that 93 per cent of companies surveyed suffered two or more identity-related breaches in 2024.

According to leading identity management company CyberArk Software, executives and employees alike are overconfident in their ability to spot ongoing ID theft and subsequent cyber breaches, with over 75 per cent of respondents to a recent survey saying that they are confident their employees can identify deepfake videos or audio of their leaders.

“Employees are [also] largely confident in their ability to identify a deepfake video or audio of the leaders in their organization. Whether we chalk it up to the illusion of control, planning fallacy, or just plain human optimism, this level of systemic confidence is misguided,” warns CyberArk following a survey of 4,000 US-based employees.

60% of Cybersecurity Professionals Considering Job Change – March 5th

Cybersecurity professionals are restless, with over 60% planning to switch jobs in the next year. A new study by IANS Research and Artico Search highlights career stagnation as a major reason, while salaries remain high across the industry.

The report finds senior professionals are the most eager to leave, frustrated by limited growth opportunities. Specialists in cloud security, application security, and threat intelligence, however, continue to command the highest salaries.


Lee Enterprises Investigating Ransomware Claim, Data Leak Threat – March 3rd

Lee Enterprises is investigating a claim from the Qilin ransomware group, which alleges it stole 350GB of data from the newspaper chain’s network in an early February attack.

According to SentinelOne researchers, Qilin has threatened to begin leaking data on March 5, though the specific ransom demand remains unknown. A Lee Enterprises spokesperson confirmed awareness of the claims but provided no further details on the investigation.


Employment Screening Provider Data Breach Affects 3.3M Individuals – February 28th

DISA Global Solutions, Inc., a provider of employment screening services, confirmed a data breach impacting over 3.3 million individuals.

The breach, which occurred between February 9 and April 22, 2024, granted an unauthorized third party access to names, Social Security numbers, driver’s license details, financial account information, and other sensitive data. While forensics could not confirm the exact extent of the stolen data, the exposure raises concerns over identity theft risks for affected individuals.


DragonForce Ransomware Hits Saudi Firm, 6TB of Data Leaked – February 27th

A Riyadh-based real estate and construction company has fallen victim to a ransomware attack by DragonForce, resulting in the theft of 6TB of sensitive data.

The attackers initially set a February 27 ransom deadline, one day before the start of Ramadan, but upon non-compliance, published the stolen data on a dedicated leak site (DLS).

DragonForce operates as a Ransomware-as-a-Service (RaaS) group, equipping cybercriminals with attack tools in exchange for a share of ransom payments. Their leak platform also employs advanced CAPTCHA mechanisms to evade security firms.


Ransomware attacks on industrial systems double in one year

Ransomware attacks on the operational technology (OT) and industrial control systems (ICS) that run industrial facilities almost doubled in 2024. According to Washington DC-based industrial cybersecurity company Dragos, ransomware attacks on industrial organizations in 2024 increased by a staggering 87 percent over the previous year.

The main industries targeted were: electricity and water; industrial manufacturing; telecommunications; oil and gas; food and beverage; chemical manufacturing; mining, transportation, and logistics. Manufacturing was by far the worst hit, accounting for 69 percent of all ransomware attacks, which targeted 1,171 manufacturing entities.

3.9 Billion Passwords Exposed in Infostealer Malware Surge – February 26th

Approximately 2,850 Ivanti Connect Secure VPN instances remain vulnerable to CVE-2025-22467, a critical stack buffer-overflow flaw, according to Shadowserver Foundation.

Despite Ivanti patching the vulnerability on February 11, unpatched devices could allow remote authenticated attackers to execute code. The U.S. and Japan lead in exposure, with 852 and 384 vulnerable instances, respectively.


Microsoft 365 accounts are being compromised worldwide

A vast botnet of over 130,000 compromised devices is now attacking Microsoft 365 accounts worldwide. A botnet is a network of computing devices that have been surreptitiously taken over by hackers and are being controlled remotely without the owners’ knowledge.

Microsoft 365 accounts are suffering from ‘password spray attacks’ by the botnet. This involves mass attempts to use large numbers of common passwords to infiltrate users’ Microsoft accounts, targeting basic authentication procedures and thereby bypassing multi-factor authentication.


New ransomware threat emerges in 2025

A new, unusually dangerous and sophisticated gang of cybercriminals, named BlackLock, has emerged as a major ransomware threat in 2025.

Cybersecurity company ReliaQuest observed a staggering 1,425 percent increase in the gang’s activities in the last quarter of 2024. Its ransomware is built to target Windows, VMware ESXi, and Linux environments and is designed as a double-extortion attack, which involves not only locking the target organization’s critical data by encrypting it, but also identifying sensitive information and threatening to expose it.

“BlackLock’s rise has been both swift and strategic, targeting organizations across a wide range of sectors and geographies,” reports ReliaQuest.

Financial services see DDoS attacks double

Financial services companies worldwide saw the number of distributed denial-of-service (DDoS) attacks more than double in the second half of 2024. A DDoS attack is a malicious attempt to disrupt a service by overwhelming it with a flood of internet traffic. In the same period, the total number of DDoS attacks globally grew by 17 percent.

According to global hosting and cloud services company Gcore, the financial services sector saw the most significant rise of any sector in the third and fourth quarters of 2024, with a rise of 117 percent. This marks a consistent overall increase in DDoS attacks quarter on quarter. While the third and fourth quarters of 2024 showed an increase of 17 percent, this represents a 56 percent rise over the same period in 2023.
