Malware designed to steal credentials from password stores now accounts for 25% of all malware activity—a dramatic threefold increase in this type of threat. This was one of the findings of Picus Security’s annual cybersecurity analysis, The Red Report 2025.…
Category: Information Security Buzz
2024: The Year Data Security Took a Beating
2024 was a brutal year for data security, with some of the world’s biggest companies suffering breaches that exposed millions of sensitive records. The attacks were carried out by well-known cybercriminal groups, including Alphv/BlackCat, Qilin, and Rhysida, and shone a…
Upskilling the UK workforce for the AI revolution
As the UK government rolls out its ambitious AI Opportunity Action Plan to enable greater implementation of new technologies to boost economic growth, it faces a critical challenge: ensuring every industry is prepared for this seismic shift. Interestingly, both UK…
Tangerine Turkey: Cryptocurrency Mining Worm Unveiled in Global Campaign
A new threat actor, dubbed Tangerine Turkey by Red Canary’s intelligence team, is attracting attention thanks to its sophisticated use of a Visual Basic Script (VBScript) worm that delivers a crypto mining payload. First seen in November last year, Tangerine…
Smiths Group Discloses Security Breach
Smiths Group, a multinational engineering business, has disclosed a data breach. The company, which is based in London but employees more than 15,000 people in over 50 countries, published a filing to the London Stock Exchange (LSE) on Tuesday saying…
Threat Actors Exploit DeepSeek’s Popularity to Distribute Infostealers on PyPI
Malicious actors have exploited the rising popularity of DeepSeek AI to distribute two malicious infostealer packages through the Python Package Index (PyPI), impersonating legitimate developer tools for the AI platform. Researchers at Positive Technologies discovered and reported the campaign, which…
What is Acceptable Risk?
CISOs today must decide what is an acceptable risk to their organization. It’s an impossible equation to solve as enterprise attack surfaces are rapidly expanding, necessitating the need for a modernized approach to risk assessment. The most forward-thinking CISOs use…
Criminals Increase Attack Speed by 22%
The average time it takes for an attacker to move laterally after gaining initial access – known as breakout time – has plummeted to just 48 minutes, new research from ReliaQuest has revealed. These results represent a 2% increase in…
Forrester Report: The Complexities of Human-Element Breaches
Security leaders often have a narrow view of human-element breaches, thinking of them as either social engineering or human error, but there’s more to it than that. Breaches that start with a person can be divided into broader categories, including…
“Vámonos!” Declares DORA, but 43% of UK Financial Services Say “No”
On January 17TH, 2025, the EU’s Digital Operational Resilience Act (DORA) came into effect. However, a recent survey of 200 UK CISOs from Censuswide found that 43% of the UK financial services industry will miss this compliance deadline despite facing…