Cyber (In)Securities – Issue 122

Information Security News

TSA’s Airport Facial-Recog Tech Faces Audit Probe
By Brandon Vigliarolo, The Register
The U.S. Transportation Security Administration’s (TSA) facial recognition program is under audit by the Government Accountability Office (GAO) due to concerns over privacy, data security, and potential biases. The audit will assess

An Opportunity For the EU to Support Digital Freedom

The EU has a great opportunity to fill the gap left by US withdrawal of funding for digital privacy and rights initiatives worldwide

Beyond Data Protection Day: Safeguarding Our Digital Lives Every Day

January 28th was Data Protection Day—a global reminder that privacy isn’t just a legal formality or an operational headache. It’s a fundamental pillar of trust.

If your business handles client or customer data (and let’s be honest, that includes almost every business these days), you have a responsibility to protect it.

Yet, too many still see data privacy as an afterthought—something to think about only when a breach happens, only when the regulators come knocking, only when customers start asking questions.

The truth is: Privacy isn’t just about compliance—it’s about competitive advantage. Businesses that prioritise privacy build stronger relationships, enhance loyalty, and set themselves apart in a world where trust is the ultimate currency.

And it’s not just about business. It’s about people.

Why Everyday Privacy Protections Matter

Data protection is about more than preventing hacks and avoiding fines. It’s about protecting individuals from real harm.

Every time a company stores, tracks, or shares data without robust protections, it’s not just putting its reputation at risk—it’s potentially putting someone’s safety at risk.

Technology-Facilitated Domestic Violence (TFDV) is a stark example.

Privacy failures, weak security policies, and a lack of user control can unintentionally enable abusers. From tracking location data to exploiting weak authentication measures, poorly designed systems can become tools of control and coercion.

Think about it:

  • Spyware installed on a victim’s phone, allowing an abuser to read messages, track location, and eavesdrop on calls.
  • Financial coercion, where joint accounts allow one party to drain funds or monitor transactions without the other’s knowledge.
  • Smart home systems used to harass—turning off heating, unlocking doors remotely, or surveilling through security cameras.
  • AI-generated deepfakes and non-consensual image abuse used to threaten or manipulate victims.

These technologies weren’t designed for abuse. But because risk and compliance teams didn’t anticipate these threats, they have become tools of control.

This is why businesses must think beyond compliance checklists.

Four Ways to Embed Everyday Privacy Protections

So what can businesses do—not just on Data Protection Day, but every day?

1. Make Data Governance & Consent Meaningful

Data privacy should be proactive, not reactive.
➡ Make explicit consent mandatory for all data sharing, and ensure customers can easily control and revoke access to their data.

2. Think Beyond Borders

TFDV and privacy concerns don’t stop at jurisdictional lines.
➡ If your business operates across regions, privacy protections should travel with the individual, not reset when they cross a border.

3. Monitor for Coercion, Not Just Cyberattacks

Cyber teams already track fraudulent logins and suspicious activity.
➡ Why not apply the same vigilance to patterns of coercion—such as repeated password resets, changes in account access, or unusual tracking permissions?

4. Go Beyond Regulatory Compliance—Embed Ethical Privacy Safeguards

➡ The real question isn’t “Are we compliant?”—it’s “Are we building safe, privacy-conscious systems?”
Companies that lead with ethical privacy protections will be the ones customers trust the most.
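
The coercion signals named under point 3 (repeated password resets, changes in account access, unusual tracking permissions) can be checked over ordinary account event logs. The following is an added example, not code from the original post; the event names, thresholds and sample events are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# All thresholds and event names below are assumptions for this example.
RESET_THRESHOLD = 3                # resets inside the window that count as "repeated"
RESET_WINDOW = timedelta(days=7)
FOLLOW_UP = timedelta(hours=24)    # an access change this soon after a reset is linked to it
ACCESS_CHANGES = {"recovery_contact_changed", "delegate_added"}

# Constructed sample events: (ISO timestamp, account, device, event, detail)
SAMPLE_EVENTS = [
    ("2025-01-18T08:02:00", "acct-100", "phone-A", "login", ""),
    ("2025-01-20T08:05:00", "acct-100", "phone-A", "login", ""),
    ("2025-01-21T22:15:00", "acct-100", "laptop-B", "password_reset", ""),
    ("2025-01-22T07:40:00", "acct-100", "phone-A", "password_reset", ""),
    ("2025-01-23T23:05:00", "acct-100", "laptop-B", "password_reset", ""),
    ("2025-01-23T23:09:00", "acct-100", "laptop-B", "recovery_contact_changed", ""),
    ("2025-01-23T23:12:00", "acct-100", "laptop-B", "location_sharing_enabled", "grantee=acct-200"),
    ("2025-01-22T08:55:00", "acct-300", "phone-C", "login", ""),
    ("2025-01-22T09:00:00", "acct-300", "phone-C", "password_reset", ""),
    ("2025-01-25T10:00:00", "acct-300", "phone-C", "location_sharing_enabled", "grantee=acct-301"),
]


def detect_coercion_signals(events):
    """Return {account: sorted list of signal names} for accounts with any signal."""
    by_account = defaultdict(list)
    for ts, account, device, kind, detail in events:
        by_account[account].append((datetime.fromisoformat(ts), device, kind, detail))

    findings = {}
    for account, rows in by_account.items():
        rows.sort(key=lambda r: r[0])
        signals = set()

        # The device the account holder normally logs in from (most frequent).
        logins = Counter(dev for _, dev, kind, _ in rows if kind == "login")
        usual = logins.most_common(1)[0][0] if logins else None

        # Signal 1: repeated password resets inside a sliding time window.
        resets = [ts for ts, _, kind, _ in rows if kind == "password_reset"]
        start = 0
        for end in range(len(resets)):
            while resets[end] - resets[start] > RESET_WINDOW:
                start += 1
            if end - start + 1 >= RESET_THRESHOLD:
                signals.add("repeated_password_resets")

        for ts, device, kind, detail in rows:
            # Signal 2: account access changed shortly after a reset.
            if kind in ACCESS_CHANGES and any(
                timedelta(0) <= ts - r <= FOLLOW_UP for r in resets
            ):
                signals.add("access_change_after_reset")
            # Signal 3: location shared with another party from a device
            # that is not the account holder's usual one.
            if (
                kind == "location_sharing_enabled"
                and detail.startswith("grantee=")
                and usual is not None
                and device != usual
            ):
                signals.add("tracking_enabled_from_unusual_device")

        if signals:
            findings[account] = sorted(signals)
    return findings


def needs_safety_review(findings, minimum_signals=2):
    """Accounts with several distinct signals go to a human reviewer, not an automated block."""
    return sorted(a for a, s in findings.items() if len(s) >= minimum_signals)


if __name__ == "__main__":
    found = detect_coercion_signals(SAMPLE_EVENTS)
    for account in needs_safety_review(found):
        print(account, found[account])
```

In the constructed data, the second account resets a password once and enables location sharing from its usual device, so it raises no signal.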

The Real Cost of Ignoring Privacy

Some businesses still resist strengthening privacy protections because it feels too complicated or too expensive.

But let’s be clear: The real cost of inaction isn’t a fine. It’s the loss of trust.

  • When businesses fail to protect privacy, customers leave.
  • When privacy isn’t prioritised, vulnerable people suffer.
  • When compliance is treated as an inconvenience, regulators step in aggressively.

A Final Thought

If your business had the power to prevent even one person from experiencing digital abuse, would you take that opportunity? Because you do. Right now.

Every system you build, every policy you create, every decision you make about who gets access to what data has real-world consequences.

Data Protection Day shouldn’t be the only time we talk about this.

It’s an everyday imperative.

So, let’s move beyond just checking the box—let’s make privacy protection a competitive edge, an ethical responsibility, and a commitment to trust that lasts long after January 28th.

About the Author

Kim Chandler McDonald (She/Her)

Co-Founder & CEO of 3 Steps Data | CyAN Global VP | Award-winning author | Storyteller | Advocate for digital/cyber security, sovereignty, compliance/governance & end-user empowerment.


Cyber (In)Securities – Issue 121

Information Security News

US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration
Security Week via Associated Press
The role of the US Cybersecurity and Infrastructure Security Agency (CISA) in safeguarding elections is increasingly uncertain under the Trump administration. While CISA played a

Identity: The New Perimeter for Organisational Cybersecurity in the Age of Competitive AI

In today’s hyper-connected, rapidly evolving digital landscape, traditional cybersecurity paradigms no longer suffice. The perimeter-based approach, which relied on securing the network boundary, has become obsolete as organizations increasingly adopt cloud computing, remote work, and AI-driven tools. The competitive nature of artificial intelligence (AI) further intensifies this shift, as both attackers and defenders leverage AI to outsmart one another. In this environment, identity has emerged as the new cybersecurity perimeter—a critical linchpin in safeguarding organisational data, systems, and operations.

The Erosion of Traditional Perimeters

Historically, organisations built their cybersecurity posture around the concept of a secure perimeter—firewalls, VPNs, and network access controls that protected assets within a defined boundary. However, this approach fails to account for the following shifts:

1. Remote Work: The global pivot to remote work during the pandemic led to a massive increase in access requests from outside the corporate network. Employees, contractors, and third-party vendors now access organisational resources from anywhere, using a wide range of devices.

 2. Cloud Adoption: Enterprises increasingly host critical applications and data in the cloud, which blurs the boundaries of traditional networks. This shift decentralises access points and complicates traditional perimeter defences.

 3. AI-Driven Collaboration: Tools powered by AI, such as advanced analytics, generative AI, and automation platforms, amplify productivity but also create new security challenges, including unpredictable data flows and potential vulnerabilities in AI models.

In this context, identity has become the foundational layer of security, requiring organisations to shift their focus to verifying who is accessing resources rather than where they are accessing them from.

Why Identity is the New Perimeter

Identity refers to the digital representation of individuals, systems, and devices within an organisation. Establishing and verifying identity is the gateway to all interactions with digital resources. Here’s why it plays a critical role:

1. Zero Trust Architecture

The principle of Zero Trust—“never trust, always verify”—relies heavily on identity. Instead of assuming users or devices are trustworthy based on their location within the network, Zero Trust continuously validates their identity, device health, and access privileges. By focusing on identity, organisations can enforce least-privilege access, ensuring users only access resources essential to their role.

2. Mitigating AI-Driven Threats

AI has become a double-edged sword. While it enhances cybersecurity defences through predictive analytics and automated responses, cybercriminals also exploit AI to launch sophisticated attacks such as:

 • Deepfakes: AI-generated deepfakes can impersonate executives to authorize fraudulent transactions.

 • AI-Powered Phishing: Attackers use generative AI to craft highly convincing phishing emails that bypass traditional detection methods.

 • Automated Credential Stuffing: AI algorithms can test billions of stolen username-password combinations to gain unauthorised access.

Strong identity controls—such as multi-factor authentication (MFA), biometric authentication, and behavioural analysis—are critical to mitigating these threats.

3. Securing AI Models and Workflows

AI systems require secure training data, algorithms, and models. Compromising the identity of users or systems involved in AI development can lead to adversarial attacks, model poisoning, or intellectual property theft. Identity governance ensures that only authorized users have access to sensitive AI workflows and datasets.

4. Third-Party Risk Management

Organisations rely on third-party vendors for AI tools and cloud-based services, introducing additional risk. Identity-centric approaches like privileged access management (PAM) ensure external partners have appropriate, time-bound access without exposing sensitive resources.

Core Strategies for Building an Identity-Centric Cybersecurity Posture

To embrace identity as the new perimeter, organizations must adopt a holistic approach. Here are the key strategies:

1. Adopt a Zero Trust Framework

Implement Zero Trust principles to eliminate implicit trust and continuously verify users, devices, and their behaviour. This includes:

 • Enforcing MFA across all applications and platforms.

 • Using role-based access controls (RBAC) to limit access based on job responsibilities.

 • Leveraging conditional access policies to dynamically adjust access based on risk factors (e.g., login location or device posture).

2. Leverage AI for Identity Management

AI can be a powerful ally in securing identity. Use AI-driven identity solutions to:

 • Detect anomalous behaviour (e.g., unusual login times or locations).

 • Automate provisioning and deprovisioning of user accounts.

 • Predict and prevent credential-based attacks by identifying compromised accounts.

3. Strengthen Identity Governance

Identity governance ensures users have the right level of access at the right time. It includes periodic reviews of access privileges, automated approval workflows, and integration with HR systems to immediately revoke access when employees leave the organisation.

4. Secure Machine Identities

In an AI-driven environment, machine identities—representing applications, APIs, and AI models—are as critical as human identities. Protect these identities using:

 • Digital certificates and encryption.

 • Automated key management systems.

 • Continuous monitoring of API usage patterns for signs of compromise.

5. Educate and Empower Users

Human error remains a significant vulnerability. Regularly train employees and third-party users on identity best practices, including recognizing phishing attempts, safeguarding credentials, and using MFA effectively.

The Role of Competitive AI in Cybersecurity

The rise of competitive AI has transformed both the threat landscape and the defensive toolkit for organisations. Attackers are using AI to scale their operations, while defenders must harness AI to stay one step ahead. In this arms race, identity-based solutions offer a strategic advantage:

 1. Proactive Threat Detection: AI-powered tools can monitor identity-related events, such as login anomalies or unusual privilege escalation, and take immediate action to mitigate threats.

 2. Adaptive Authentication: AI enhances adaptive authentication systems by analysing contextual signals (e.g., device type, behaviour patterns) to decide whether to grant access or require additional verification.

 3. AI-Augmented Forensics: When breaches occur, AI can analyse identity-related logs at scale, identifying the root cause and preventing similar incidents.
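
The Zero Trust controls listed earlier (MFA on every application, RBAC, conditional access on login location and device posture, time-bound third-party access) and the adaptive authentication described in the list above all feed one access decision. The following is an added example, not code from the article; the roles, risk weights, thresholds and field names are assumptions chosen for illustration.

```python
from dataclasses import dataclass, replace
from datetime import datetime
from typing import Optional

# Hypothetical role-to-resource map (RBAC, least privilege).
ROLE_RESOURCES = {
    "finance-analyst": {"ledger", "invoices"},
    "ml-engineer": {"training-data", "model-registry"},
    "vendor-support": {"ticketing"},
}

# Assumed risk thresholds and MFA freshness limits (minutes).
STEP_UP_AT = 30
DENY_AT = 60
MFA_MAX_AGE_LOW_RISK = 480
MFA_MAX_AGE_ELEVATED = 15


@dataclass(frozen=True)
class AccessRequest:
    role: str
    resource: str
    when: datetime
    country: str
    usual_countries: frozenset
    device_managed: bool
    device_patched: bool
    mfa_age_minutes: Optional[int]            # None = no MFA in this session
    grant_expires: Optional[datetime] = None  # set for time-bound third-party access


def risk_score(req):
    """Score contextual signals: device posture, login location, login time."""
    score, reasons = 0, []
    if not req.device_managed:
        score += 40
        reasons.append("unmanaged device")
    elif not req.device_patched:
        score += 20
        reasons.append("device missing patches")
    if req.country not in req.usual_countries:
        score += 30
        reasons.append("unusual login location")
    if req.when.hour < 6 or req.when.hour >= 22:
        score += 10
        reasons.append("unusual login time")
    return score, reasons


def decide(req):
    """Return (decision, reasons); decision is 'allow', 'step_up' or 'deny'."""
    # Least privilege: the role must include the resource, whatever the risk.
    if req.resource not in ROLE_RESOURCES.get(req.role, set()):
        return "deny", ["resource not granted to role"]
    # Time-bound access: an expired grant is never honoured.
    if req.grant_expires is not None and req.when >= req.grant_expires:
        return "deny", ["time-bound grant expired"]
    score, reasons = risk_score(req)
    if score >= DENY_AT:
        return "deny", reasons
    # MFA is always required; elevated risk demands a more recent verification.
    max_age = MFA_MAX_AGE_ELEVATED if score >= STEP_UP_AT else MFA_MAX_AGE_LOW_RISK
    if req.mfa_age_minutes is None or req.mfa_age_minutes > max_age:
        return "step_up", reasons + ["fresh MFA required"]
    return "allow", reasons


# Constructed baseline request; the variations below change one factor at a time.
BASELINE = AccessRequest(
    role="finance-analyst", resource="ledger", when=datetime(2025, 2, 3, 10, 0),
    country="AU", usual_countries=frozenset({"AU"}),
    device_managed=True, device_patched=True, mfa_age_minutes=30,
)


def sample_decisions():
    cases = {
        "routine": BASELINE,
        "no_mfa": replace(BASELINE, mfa_age_minutes=None),
        "new_location_stale_mfa": replace(BASELINE, country="NZ"),
        "new_location_fresh_mfa": replace(BASELINE, country="NZ", mfa_age_minutes=5),
        "new_location_unmanaged": replace(BASELINE, country="NZ", device_managed=False),
        "wrong_role": replace(BASELINE, role="ml-engineer"),
        "vendor_expired": replace(BASELINE, role="vendor-support", resource="ticketing",
                                  grant_expires=datetime(2025, 2, 1)),
    }
    return {name: decide(req)[0] for name, req in cases.items()}


if __name__ == "__main__":
    for name, decision in sample_decisions().items():
        print(f"{name}: {decision}")
```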

The Future of Identity-Centric Security

As AI continues to advance, organisations must future-proof their identity strategies to address emerging challenges. Key trends include:

 • Decentralized Identity: Blockchain-based identity systems may reduce reliance on centralized identity providers, improving privacy and control.

 • Behavioural Biometrics: AI-driven analysis of typing patterns, mouse movements, and other behavioural traits will enhance authentication mechanisms.

 • Quantum-Resistant Identity Solutions: With the advent of quantum computing, traditional encryption methods may become vulnerable. Organizations must explore quantum-resistant algorithms for identity protection.

Conclusion

In the current, dynamic environment, where the competitive AI landscape is redefining both opportunities and threats, identity has become the cornerstone of organisational cybersecurity. By treating identity as the new perimeter, organizations can better navigate the complexities of remote work, cloud adoption, and AI-driven collaboration. Through Zero Trust principles, robust identity governance, and AI-enhanced security tools, businesses can protect their critical assets and maintain a strong cybersecurity posture in the face of evolving threats.

Identity is no longer just about access—it’s about trust, resilience, and adaptability in a world where the stakes have never been higher.

Cyber (In)Securities – Issue 120

Information Security News

US freezes foreign aid, halting cybersecurity defence and policy funds for allies
By Jessica Lyons, The Register
The U.S. government has frozen foreign aid, including funds allocated to support allies’ cybersecurity defense and policy initiatives. This unexpected move could leave critical

China’s Open-Source AI: The genie is out of the bottle, and the race is on

China’s AI ambitions have been making headlines for years, but recent developments have thrown a curveball into the global tech landscape. DeepSeek, a Chinese AI company, has managed to develop a top-tier AI model despite facing significant sanctions and restrictions. And here’s the kicker—it’s open 

Cyber (In)Securities – Issue 119

Information Security News

Google Cloud Links Poor Credentials to Nearly Half of All Cloud-Based Attacks
By Matt Kapko, Cybersecurity Dive
Google Cloud has reported that nearly half of all cloud-based cyberattacks can be traced back to weak or compromised credentials. Attackers frequently exploit poor password hygiene and misconfigured access controls to infiltrate cloud environments, leading to data breaches and system disruptions. Security experts recommend enforcing multi-factor authentication, rotating credentials regularly, and conducting periodic audits to identify potential weaknesses. The findings underscore the critical need for robust identity and access management practices to secure cloud infrastructures.

Tesla EV Charger Hacked Twice on Second Day of Pwn2Own Tokyo
By Sergiu Gatlan, Bleeping Computer
Security researchers at Pwn2Own Tokyo successfully hacked Tesla’s EV charger twice in a single day, exposing vulnerabilities that could allow attackers to manipulate charging operations or access connected networks. The flaws, discovered through ethical hacking efforts, highlight the cybersecurity challenges in the rapidly growing EV ecosystem. Tesla has been informed and is expected to release patches to address these issues. This incident underscores the importance of continuous testing and proactive security measures for smart infrastructure.

Patch Now: Cisco Fixes Critical 9.9-Rated, Make-Me-Admin Bug
By Jessica Lyons, The Register
Cisco has released a critical patch for a vulnerability rated 9.9/10, which could allow attackers to escalate privileges and gain administrative control over affected systems. The flaw, found in the Web UI of multiple Cisco products, poses a severe risk to enterprises that delay patching. Security experts urge organisations to apply the update immediately to prevent potential exploitation. This incident serves as another reminder of the risks posed by unpatched vulnerabilities and the importance of timely updates in enterprise environments.

Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks
By Ravie Lakshmanan, The Hacker News
Cybercriminals are using fake CAPTCHA verification pages to distribute the Lumma Stealer malware, targeting industries ranging from finance to healthcare. This sophisticated phishing campaign tricks users into downloading the malware, which is designed to steal credentials, financial information, and browser data. Researchers warn that the campaign is gaining traction globally, urging organisations to enhance user awareness and deploy endpoint protection solutions to combat evolving social engineering tactics.

Cloudflare CDN Bug Outs User Locations on Signal, Discord
By Elizabeth Montalbano, Dark Reading
A Cloudflare content delivery network (CDN) bug has inadvertently exposed user locations on popular platforms such as Signal and Discord. The vulnerability, which allowed attackers to determine the approximate physical location of users, has raised concerns over privacy and data security. Cloudflare has since patched the issue, but the incident highlights the growing risks of relying on third-party services for critical infrastructure. Users are advised to remain vigilant and review privacy settings to minimise exposure.

FBI: North Korean IT Workers Steal Source Code to Extort Employers
By Sergiu Gatlan, Bleeping Computer
The FBI has uncovered a scheme where North Korean IT workers, posing as remote contractors, infiltrated companies and stole proprietary source code to extort their employers. These operatives, often working under false identities, gained access to critical systems, demanding ransom payments to prevent data leaks. The campaign highlights the growing threat of insider attacks and the importance of thorough background checks and access controls. Organisations are urged to monitor remote employees carefully to prevent such exploits.

New Backdoor Discovered That Specifically Targets Juniper Routers
By Greg Otto, Cyberscoop
Researchers have identified a new backdoor targeting Juniper routers, enabling attackers to gain persistent access to enterprise networks. The malware exploits misconfigurations and outdated firmware, allowing cybercriminals to intercept traffic, steal credentials, and move laterally across systems. Security experts stress the importance of timely firmware updates, network segmentation, and continuous monitoring to detect and block potential intrusions. Organisations using Juniper devices are urged to conduct immediate security assessments.

LinkedIn Sued for Disclosing Customer Information to Train AI Models
By Jonathan Stempel, itNews
LinkedIn is facing a lawsuit over allegations that it disclosed user data without consent to train artificial intelligence models. Plaintiffs argue that the platform harvested personal information from millions of users to improve AI-driven services, violating privacy rights and data protection laws. The case highlights the growing tension between AI innovation and user privacy, with regulators closely watching the outcome. LinkedIn has denied wrongdoing, but the lawsuit raises concerns about ethical data practices in the AI age.

Crossbenchers Urge Labor to Act Immediately on Deepfakes and Misinformation Before Next Election
By Krishani Dhanji, The Guardian
Australian crossbench politicians are pressuring the government to implement stricter regulations against deepfakes and misinformation ahead of the next federal election. Lawmakers warn that the rapid spread of AI-generated disinformation could undermine public trust and election integrity. Recommendations include tighter platform regulations, public awareness campaigns, and enhanced fact-checking capabilities. With global elections approaching, the call for immediate action reflects growing concerns over the potential misuse of emerging technologies in shaping public opinion.

EU Commission Calls for Health Sector ‘Cyber Action Plan’
By Marianne Kolbasuk McGee, ISMG Data Breach Today
The European Commission has urged the healthcare sector to adopt a comprehensive cyber action plan to address the growing threat landscape. With cyberattacks targeting hospitals and medical institutions on the rise, the plan calls for improved incident response, enhanced threat intelligence sharing, and stricter compliance with cybersecurity regulations. The Commission highlights the critical nature of securing healthcare data and infrastructure to protect patient safety and operational continuity.

President Trump Scraps Biden’s AI Safety Executive Order
By Rashmi Ramesh, ISMG Info Risk Today
US President Trump has announced plans to repeal President Biden’s executive order on AI safety, citing concerns that it stifles innovation and imposes excessive regulatory burdens. The original order aimed to establish guidelines for ethical AI use and development, focusing on mitigating risks related to bias, security, and accountability. Critics argue that rolling back these measures could weaken efforts to ensure responsible AI deployment. The debate highlights the ongoing tension between regulation and innovation in the rapidly evolving AI landscape.

DHS Disbands Existing Advisory Board Memberships, Raising Questions About CSRB
By David Jones, Cybersecurity Dive
The U.S. Department of Homeland Security has unexpectedly disbanded its advisory board memberships, raising concerns about the future of the Cyber Safety Review Board (CSRB). The move has sparked speculation about potential restructuring and its impact on ongoing cybersecurity initiatives. Industry experts worry that the decision could hinder collaboration between the public and private sectors in addressing cyber threats. DHS officials have assured stakeholders that new appointments will be made, but the shake-up has left many questioning the board’s continuity and long-term strategic direction.

PowerSchool Theft Latest: Decades of Canadian Student Records, Data from 40-Plus US States Feared Stolen
By Iain Thomson, The Register
A massive data breach involving PowerSchool, a widely used education technology platform, has potentially exposed decades of student records from Canada and over 40 U.S. states. The compromised data includes personal information, academic records, and possibly financial details, raising serious privacy concerns. Authorities are investigating the breach, and affected institutions are urged to enhance their security measures. This incident highlights the vulnerability of educational data and the need for stricter data protection policies.

Ransomware Groups Pose as Fake Tech Support Over Teams
By Derek B. Johnson, Cyberscoop
Cybercriminals are impersonating IT support staff on Microsoft Teams to trick employees into installing ransomware. This social engineering tactic leverages the trust employees place in internal support channels, allowing attackers to deploy malware with minimal suspicion. Security experts recommend organisations implement stricter verification processes and employee training to recognise fraudulent communications. The campaign underscores the increasing sophistication of ransomware operators and the need for multi-layered security approaches.

Trump Fires Cyber Safety Board Investigating Salt Typhoon Hackers
By Becky Bracken, Dark Reading
US President Trump has reportedly dismissed members of the Cyber Safety Review Board (CSRB) tasked with investigating the Salt Typhoon cyberattacks, raising concerns over the future of cybersecurity governance. The board was analysing the long-term implications of the sophisticated campaign attributed to nation-state actors. Critics argue that the move disrupts critical investigations and weakens national cybersecurity initiatives. The decision has sparked debate over balancing government oversight with independent cybersecurity assessments.

Fake Homebrew Google Ads Target Mac Users With Malware
By Bill Toulas, Bleeping Computer
Cybercriminals are using fake Google ads promoting Homebrew, a popular package manager for macOS, to distribute malware targeting unsuspecting users. The deceptive ads lead to malicious sites that trick users into downloading trojanised installers, compromising their systems. Experts warn Mac users to verify download sources and rely on official websites to avoid falling victim to such scams. This campaign highlights the growing trend of threat actors leveraging trusted software names to distribute malware.

Patch Procrastination Leaves 50,000 Fortinet Firewalls Vulnerable to Zero-Day
By Connor Jones, The Register
Despite warnings, over 50,000 Fortinet firewalls remain unpatched and vulnerable to a critical zero-day that attackers are actively exploiting. The vulnerability allows remote code execution, potentially granting cybercriminals access to sensitive data and internal networks. Security experts emphasise the urgency of applying patches to prevent compromise. This incident highlights the persistent challenge of patch management and the risks organisations face when critical vulnerabilities are left unaddressed.

Mirai Botnet Spinoffs Unleash Global Wave of DDoS Attacks
By Elizabeth Montalbano, Dark Reading
Variants of the infamous Mirai botnet are behind a recent surge in distributed denial-of-service (DDoS) attacks targeting businesses and critical infrastructure worldwide. The spinoffs exploit vulnerable IoT devices, amplifying their reach and impact. Researchers warn that threat actors are refining their tactics, making detection and mitigation increasingly challenging. Organisations are urged to secure IoT deployments and implement robust traffic filtering solutions to mitigate the threat. The attacks serve as a stark reminder of the persistent risks posed by insecure connected devices.

Ransomware Gangs Pose as IT Support in Microsoft Teams Phishing Attacks
By Bill Toulas, Bleeping Computer
Cybercriminals are masquerading as IT support staff in Microsoft Teams chats to trick employees into installing ransomware. Using social engineering tactics, attackers convince users to download malicious files, gaining access to corporate networks. The scheme exploits the trust employees place in internal communication tools. Security experts recommend implementing multi-factor authentication, conducting awareness training, and enabling strict access controls to mitigate the risk. The attack highlights the evolving sophistication of ransomware operations.

13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
By Ravie Lakshmanan, The Hacker News
Cybercriminals have hijacked 13,000 MikroTik routers to create a botnet used in widespread malspam and cyberattacks. The compromised routers are being leveraged to distribute malware, launch phishing campaigns, and perform reconnaissance on targeted networks. Researchers have identified vulnerabilities in outdated router firmware as the primary entry point for attackers. MikroTik users are urged to apply firmware updates, change default credentials, and monitor traffic for unusual activity. This incident underscores the risks of unsecured IoT devices being weaponised by threat actors.

Analysis

Ukraine’s State Register Restored After Russian Cyber Attack
By David Hollingworth, Cyberdaily.au
Ukrainian officials have successfully restored the country’s state register following a disruptive cyberattack attributed to Russian-backed hackers. The attack, which targeted critical government databases, temporarily crippled access to key public services. Authorities have reinforced security measures to prevent further incidents and are investigating the methods used by attackers. This incident highlights the ongoing cyber conflict between Ukraine and Russia, emphasising the importance of resilience and robust cybersecurity strategies for national infrastructure.

EU to Take Aim at Healthcare Cyber Threat
By Karin Lindström, CSO
The European Union is set to introduce new measures to tackle the growing cybersecurity threats facing the healthcare sector. With a rising number of attacks targeting hospitals and healthcare providers, the initiative aims to establish stronger compliance frameworks, enhance data protection, and improve incident response capabilities. Healthcare organisations are urged to adopt robust cybersecurity measures to safeguard sensitive patient data and ensure continuity of care. The initiative reflects the EU’s commitment to strengthening the security posture of critical sectors.

Cybersecurity a Key Concern Ahead of Australia’s 2025 Federal Election
By David Hollingworth, Cyberdaily
With Australia’s 2025 federal election approaching, cybersecurity experts are raising alarms about the potential for cyber threats to disrupt the democratic process. Concerns include misinformation campaigns, deepfake technology, and potential attacks on election infrastructure. Lawmakers and cybersecurity agencies are working to strengthen defences, enhance public awareness, and implement regulatory measures to counter these risks. The government is urged to act swiftly to protect voter confidence and ensure election integrity in the face of evolving cyber threats.

CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits
By Ravie Lakshmanan, The Hacker News
Ukraine’s cybersecurity agency CERT-UA has issued a warning about a new scam campaign using fake AnyDesk remote access requests to trick users into fraudulent security audits. Threat actors impersonate legitimate IT professionals to gain control over victims’ systems, stealing sensitive data or deploying malware. Businesses and individuals are urged to verify all unsolicited audit requests and implement stricter access controls. This campaign highlights the ongoing reliance on social engineering tactics to exploit trust and infiltrate systems.

HPE is Investigating IntelBroker’s Claims of the Company Hack
By Pierluigi Paganini, Security Affairs
Hewlett Packard Enterprise (HPE) is investigating claims made by the cybercriminal group IntelBroker, who allege they have breached HPE’s internal systems and accessed sensitive corporate data. The company has engaged cybersecurity experts to assess the legitimacy of the claims and identify potential vulnerabilities. If confirmed, this breach could have significant implications for HPE’s operations and customer trust. The incident underscores the persistent threats faced by large corporations and the importance of robust cybersecurity frameworks to prevent unauthorised access.

The Technological Poison Pill: How ATProtocol Encourages Competition, Resists Evil Billionaires, Lock-In & Enshittification
By Mike Masnick, Techdirt
The ATProtocol, designed to decentralise social media and foster competition, presents a compelling solution to the monopolisation of online platforms. This analysis explores how the protocol can combat corporate lock-in, safeguard user data, and resist platform manipulation by powerful interests. While the protocol offers promising solutions, challenges such as adoption hurdles and interoperability remain. The article argues that open, decentralised systems could reshape the digital landscape, providing users with greater control over their online presence.

The Security Risk of Rampant Shadow AI
By Anuj Jaiswal, Dark Reading
Shadow AI—the unregulated use of artificial intelligence tools within organisations—poses significant security risks, as employees adopt AI solutions without proper oversight. This lack of visibility can lead to data leaks, compliance violations, and vulnerabilities introduced by untested models. The article explores strategies to mitigate these risks, including clear AI governance frameworks, employee training, and continuous monitoring. As AI adoption accelerates, organisations must prioritise security to prevent unintended exposure and potential breaches.

Salt Typhoon: The Other Shoe Has Dropped, but Consternation Continues
By Natto Thoughts, Substack
The Salt Typhoon cyber espionage campaign continues to raise concerns as new revelations emerge about the depth and scale of the attack. Security experts are scrambling to understand the full extent of data exfiltration and the potential geopolitical implications. This analysis delves into the latest findings and outlines proactive steps organisations can take to strengthen defences against sophisticated nation-state attacks. The article highlights the need for improved threat intelligence sharing and robust incident response planning.

AI and Cybersecurity: A Double-Edged Sword
By Aaron Momin, CIO
AI is revolutionising cybersecurity by enhancing threat detection and automating responses, but it also introduces new risks that attackers can exploit. This article explores how AI-driven solutions can improve incident response and detection while highlighting the dangers of adversarial AI techniques used to bypass security measures. Organisations must strike a balance between leveraging AI for protection and mitigating its potential misuse. The piece provides practical insights into integrating AI while maintaining a strong human oversight component.

Medusa Ransomware: What You Need To Know
By Graham Cluley, Tripwire
The Medusa ransomware group has emerged as a formidable threat, targeting businesses and critical infrastructure with sophisticated attacks. Known for encrypting files and demanding steep ransoms, the group has also adopted a double-extortion tactic—leaking stolen data if payments are not made. Security experts advise organisations to strengthen backup strategies, implement multi-layered defences, and conduct regular employee training to mitigate the risk. With ransomware tactics evolving rapidly, businesses must remain vigilant against these persistent threats.

Statistics & Insights

Cyber Market Enters 2025 with Buyer-Friendly Trends – Gallagher
By Kenneth Araullo, Insurance Business
The cybersecurity insurance market is entering 2025 with trends favouring buyers, as increased competition among insurers drives down premiums and expands coverage options. Companies are now able to negotiate better terms, but insurers are also tightening underwriting standards to ensure policyholders maintain strong security postures. This analysis highlights the evolving risk landscape, emphasising the need for businesses to align their cybersecurity efforts with insurance expectations to secure optimal coverage.

Ransomware, Organisations, Utilities, and Governments
By PrivID, Substack
Ransomware continues to be a major threat to organisations, utilities, and government entities, with attacks becoming more sophisticated and targeted. This analysis explores how ransomware groups are evolving their tactics, including double extortion and supply chain attacks, putting critical infrastructure at heightened risk. The piece provides actionable insights on how organisations can bolster their defences through proactive risk management, incident response planning, and collaboration with law enforcement agencies to mitigate potential disruptions.

Cyber Insights 2025: Attack Surface Management
By Kevin Townsend, SecurityWeek
As cyber threats grow in complexity, attack surface management (ASM) is becoming a crucial strategy for organisations to identify and reduce potential entry points for attackers. This analysis examines how ASM tools provide real-time visibility into assets, vulnerabilities, and misconfigurations, helping businesses stay one step ahead of threat actors. With the rapid expansion of cloud services and IoT devices, the need for a proactive, continuous approach to attack surface monitoring has never been greater.

Highlights from Last Week’s Cybersecurity Research Sources by Evisec – CRD #15
Powered by Evisec
Highlights from the latest cybersecurity research:

  • Cyber Dominates Global Risk Rankings: 38% of global risk managers rank cybersecurity as their top organisational risk, ahead of supply chain interruptions (31%) and natural catastrophes (29%).
  • Resilience Gap Widens: Small organisations report a sevenfold increase in perceived resilience insufficiency since 2022, while large organisations halve theirs.
  • Ransomware Trends Shift: Healthcare is now the second most targeted sector as ransom tactics pivot to data exfiltration. Median ransom payments in 2024 held at $200,000.
  • Infostealers on the Rise: Breach attempts involving infostealer malware surged 58% in 2024, with stolen credentials linked to most breaches.
  • Workplace Fear Culture: 73% of employees feel personally accountable for breaches, with 36% avoiding reporting due to fear of repercussions.

Of Interest

AI Trust and Safety Re-Imagining Programme
Global Call for Submissions – UNDP
The UNDP is calling for submissions on how to re-imagine trust and safety in the age of AI. This programme aims to address the challenges posed by AI-driven technologies and develop innovative solutions to ensure ethical and responsible use.


CyAN Member’s News

Upcoming CyAN Global Events

  • AI Global Everything – Dubai, UAE (February 4–6)
  • GITEX Africa – Marrakesh, Morocco (April 14–16)
  • GITEX Asia – Singapore, Marina Bay Sands (April 23–25)
  • GISEC – Dubai World Trade Center, Dubai, UAE (May 6–8)
  • The Cyber Outstanding Security Performance Awards (Cyber OSPAs) – London, UK (May 8)
  • MaTeCC – Rabat, Morocco (June 7–9, 2025)
    The third annual North Africa and Beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.
Welcome New Member – Krishna Pasumarthi from New Zealand!

Please welcome our newest member from New Zealand, Krishna Pasumarthi! Krish is a seasoned IT Risk & Security leader with over 20 years of experience specializing in cybersecurity strategy, third-party risk management, and security managed services. As the Managing Director of Cybrgen, he advises C-suite