Apple has pushed another update to its mobile operating systems, iOS and iPadOS, to address a newly discovered zero-day that is already being exploited by threat actors in the wild to enable so-called zero-click attacks. Tracked as CVE-2025-43300, the flaw is an out-of-bounds write issue in the ImageIO framework – which is used to enable…
The number of ransomware attacks that were observed and tracked during the first six months of 2025 was up by 179% – almost three times – on the same period in 2024, according to statistics published by threat intelligence platform provider Flashpoint. The past year has seen significant turnover among cyber criminal threat actors with…
Ransomware attack volumes up nearly three times on 2024 Read More »
Security professional association ISACA is to offer its member base of almost 200,000 accredited security professionals around the world access to a new certification, Advanced in AI Security Management (AAISM), covering the fast-emerging technology. A recent ISACA study revealed that 61% of security professionals were either very or extremely worried that generative artificial intelligence (GenAI)…
ISACA launches AI security management certification Read More »
Cyber protection specialists Halcyon and Sophos have teamed up to develop a threat intelligence sharing joint venture that will see the two companies swap data on critical metrics such as indicators of compromise (IoCs), known adversary behaviours and attack patterns. Announced at the annual Black Hat USA event in Las Vegas, the partnership will see…
Black Hat USA: Halcyon and Sophos tag-team ransomware fightback Read More »
Cyber criminal gangs are telling their targets to stop authenticating with Okta services in what the company’s threat management team is describing as a ringing endorsement of its technology and a lesson in why phishing-resistant authentication methods are now not merely a nice-to-have, but a must-have. Due to its position as a first line of…
Cyber criminals would prefer businesses don’t use Okta Read More »
Marks & Spencer chairman Archie Norman has described the recent ransomware attack on the retailer’s systems as something akin to an “out-of-body experience” as he called for cyber attack victims to be brave, bite the bullet, and be open and transparent about their experiences. Speaking before the Business and Trade Sub-Committee on Economic Security, Arms…
Insurance companies are warned to be on their guard against a spreading campaign of network intrusions orchestrated by the Scattered Spider cyber crime collective after evidence emerged that the teenage hacking gang has hit multiple insurance companies in the US amid a months-long resurgence in its activity, according to the Google Threat Intelligence Group (GTIG).…
Scattered Spider widens web to target insurance sector Read More »
Microsoft’s latest Patch Tuesday update landed on schedule on 10 June, with admins facing a much lighter load heading into the summer – at least lighter than of late – with barely 70 security flaws awaiting attention and just two potential zero-day common vulnerabilities and exposures (CVEs) in scope. The two most pressing issues for…
June Patch Tuesday brings a lighter load for defenders Read More »
Cyber security has long been the concern of CIOs, CISOs, and compliance officers. It was a regulatory obligation for many boardrooms – tick the box, demonstrate due diligence, and move on. That approach is no longer tenable. In today’s threat landscape, cyber is not simply a technical risk – it’s a strategic, enterprise-wide concern with…
Cyber security beyond compliance: Why resilience is the new boardroom imperative Read More »
Microsoft has today launched a European Security Programme (ESP) for government bodies in the region, throwing a protective embrace around all 27 European Union (EU) member states, EU accession candidates, European Free Trade Association members, the UK, Monaco and the Vatican. Recognising that the European cyber threat landscape is in a state of flux as…
Microsoft outlines three-pronged European cyber strategy Read More »
