Microsoft marked the penultimate Patch Tuesday of 2025 with an update lighter than of late, addressing a mere 63 common vulnerabilities and exposures (CVEs) across its product estate – a far cry from many of its recent drops averaging well over 100 – and a solitary zero-day flaw. Tracked as CVE-2025-62215, this month’s single zero-day…
Microsoft users warned over privilege elevation flaw Read More »
Cyber protection specialists Halcyon and Sophos have teamed up to develop a threat intelligence sharing joint venture that will see the two companies swap data on critical metrics such as indicators of compromise (IoCs), known adversary behaviours and attack patterns. Announced at the annual Black Hat USA event in Las Vegas, the partnership will see…
Black Hat USA: Halcyon and Sophos tag-team ransomware fightback Read More »
The Digital Operational Resilience Act (DORA) came into force on 16 January 2023. Following a two-year implementation period, from 17 January 2025, financial organisations must fully comply with the new regulation, which aims to ensure they remain resilient to severe operational digital disruption. The act covers a number of aspects of cyber resiliency, auditability, and…
Recorded ransomware attack volumes rose by 19% during October 2024 to a total of 468 incidents worldwide, a significant number of them in the US, where the controversial presidential election likely emboldened Russian-speaking threat actors to strike, according to NCC Group’s latest monthly Threat pulse report. Although the full-scale of attempted Russian state interference in…
Geopolitical strife drives increased ransomware activity Read More »
