The ransomware crisis continues to deepen. In the first half of 2025, 3,627 attacks were logged worldwide, a 47% jump from the same period last year. But confirmation remains scarce. According to Comparitech, of those incidents, just 445 were publicly…
Category: EN
Stolen Identities Now the Biggest Threat in Cybersecurity
The biggest threat to your business may no longer be malware or ransomware. It’s your people. Or rather, their identities. Between 2023 and the first quarter of 2025, identity-driven threats surged by 156%, now accounting for 59% of all confirmed…
Ransomware Attack Cripples Ingram Micro, Disrupts Global Services
Ingram Micro has confirmed a ransomware attack that has forced systems offline and disrupted core services across its global operations. The breach, first reported as an unexplained outage on 3 July has now been linked to the SafePay ransomware group,…
Mitigating the Toxic Cloud Trilogy to Empower Everyone from the Most to the Least Tech-Savvy
Cloud computing has its perks: speed, scalability, and innovation, to name just a few. However, increasing reliance on cloud computing has changed the threat landscape and created substantial points of vulnerability. The toxic cloud trilogy of cloud workload risks –…
Hijacking Ollama’s Signed Installer for Code Execution
This blog post is part of an ongoing series exploring how AI related tools aimed at developers can be exploited to compromise their machines. As these tools increasingly integrate deep system access, they also expand the attack surface available to…
Behind the Booking: How Bots Are Undermining Airline Revenue
The airline industry is under constant attack from malicious bots. Bad actors use automation to scrape fares, hoard inventory, commit fraud, and compromise customer accounts. While every airline faces its own unique challenges, the business impacts are remarkably consistent—lost revenue,…
How to Secure Your Promo Codes Against Cyber Exploits
Promo codes provide a fantastic opportunity to increase customer traffic and generate sales, yet there is a potential risk with them. Promo codes are one of the objects of interest to cybercriminals because they exploit those codes and use them…
Empowered employees strengthen financial sector digital resilience
Ensuring that any organisation can withstand, respond effectively to and recover quickly from ICT disruptions is a strategic imperative. This is particularly true within the financial sector. The Digital Operational Resilience Act (DORA), which became mandatory on 17 January this…
Trust nothing, verify everything: Why the UK public sector must embrace Zero Trust
The UK’s public sector is under siege. Not by visible enemies, but by a wave of cyber threats. In 2024, the National Cyber Security Centre reported a 16% increase in serious attacks impacting national security. These aren’t theoretical risks. They…
Black Duck Sets New Standard with Polaris, First AppSec SaaS Hosted in Saudi Arabia
Leading global application security provider Black Duck has reinforced its commitment to the Saudi Arabian market with the introduction of the Black Duck Polaris® Platform as the first application security software as a service (SaaS) platform hosted in the Kingdom of…
Introducing Threat Watch Live: Heimdal’s New Monthly Cybersecurity Intelligence Webinar
At Heimdal, we know there’s no shortage of noise when it comes to cybersecurity news. But what MSP leaders and technical teams really need isn’t more headlines. It’s clear, focused intelligence that helps you act fast and stay ahead. That’s…
Advancing Protection in Chrome on Android
Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and…
NordDragonScan: Quiet Data-Harvester on Windows
FortiGuard Labs explores how NordDragonScan utilizes an effective distribution network for dissemination. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: NordDragonScan: Quiet Data-Harvester on Windows
KB5062554 – Microsoft Releases Cumulative Update for Windows 10 With July 2025 Patch Tuesday
Microsoft rolled out its latest cumulative update for Windows 10, version 21H2 and 22H2, as well as Windows 10 Enterprise LTSC 2021 and Windows 10 IoT Enterprise LTSC 2021. The update, identified as KB5062554 (OS Builds 19044.6093 and 19045.6093), includes…
Microsoft Remote Desktop Client Vulnerability Let Attackers Execute Remote Code
A critical security vulnerability in Microsoft Remote Desktop Client could allow attackers to execute arbitrary code on victim systems. The vulnerability, designated as CVE-2025-48817, affects multiple versions of Windows and poses significant security risks for organizations that rely on Remote…
10 Best Secure Web Gateway Vendors In 2025
In 2025, the need for robust secure web gateways (SWGs) has never been greater. As organizations shift to hybrid work, cloud-first strategies, and digital transformation, threats targeting web traffic have grown in sophistication. Secure web gateways are now a foundational…
Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network
A critical information disclosure vulnerability in Microsoft SQL Server, designated as CVE-2025-49719, allows unauthorized attackers to access sensitive data over network connections. This vulnerability stems from improper input validation within SQL Server’s processing mechanisms, enabling attackers to disclose uninitialized memory…
10 Best Advanced Endpoint Security Tools – 2025
In today’s digital-first business landscape, advanced endpoint security is not just a luxury it’s a necessity. As organizations expand their operations across cloud, remote, and hybrid environments, every endpoint becomes a potential target for cybercriminals. From sophisticated ransomware to zero-day…
A week in security (June 30 – July 6)
A list of topics we covered in the week of June 30 to July 6 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (June 30 – July 6)
Gamers hacked playing Call of Duty: WWII—PC version temporarily taken offline
The Call of Duty team confirmed that the PC edition of WWII has been taken offline following “reports of an issue.” This article has been indexed from Malwarebytes Read the original article: Gamers hacked playing Call of Duty: WWII—PC version…