Security Report

Proofpoint and Ponemon’s 2025 healthcare cybersecurity study shows that cyberattacks remain widespread, with most organizations suffering repeated incidents that disrupt care and drive multimillion-dollar losses. Cloud/account compromise, ransomware, supply chain attacks, and BEC continue to affect patient safety, while growing cloud adoption, insider risk, and AI use are reshaping how healthcare organizations defend clinical operations.…

NETSCOUT’s 1H 2025 DDoS Threat Intelligence Report shows a record-scale and increasingly geopolitical DDoS landscape, with over 8 million attacks globally and major surges tied to events such as the World Economic Forum, the India-Pakistan conflict, and the Iran-Israel cyberwar. The report also highlights the continued dominance of botnets and hacktivist groups like NoName057(16), alongside…

GSMA’s 2025 report explains how post-quantum cryptography should be introduced to protect 4G and 5G roaming against harvest-now, decrypt-later threats and quantum-enabled impersonation or tampering. It recommends prioritizing ML-KEM, ML-DSA, hybrid key exchange, and quantum-safe PKI changes across SEPP, PRINS, TLS 1.3, and IPsec-based roaming environments. #GSMA #ML-KEM #ML-DSA #SEPP #PRINS #3GPP

Okta’s Secure Identity Commitment outlines how the company is strengthening identity security through better products, hardened infrastructure, customer guidance, and industry-wide collaboration. The report emphasizes rising identity-based attacks and highlights recent defenses, including blocking over 1.5 billion identity attacks and 290 million malicious access attempts, while spotlighting initiatives such as VoidProxy, ThreatInsight, FastPass, and Cross-App…

The NCSC Annual Review 2025 documents a clear escalation in sophisticated state-aligned and criminal cyber activity, major disruptive incidents affecting critical services and commerce, and a strategic pivot toward resilience at scale—through programmes like Early Warning, Active Cyber Defence, CAF v4.0, PQC migration and Crypt‑Key modernisation. It couples hard metrics (1,727 incident tips → 429…

The report shows that attackers are increasingly using AI to refine classic phishing while adversary-in-the-middle (AitM) kits and token-theft techniques (including session token capture) drive stealthy post-login compromise. Defenders should prioritize token-centric controls, phishing-resistant MFA, session shortening, SVG/attachment controls, and a culture of “Pause → Verify → Act.” #Microsoft #Google #Hoxhunt #AitM #SVG #Salesforce #Docusign

The 2025 Global Threat Intelligence Report summarizes 2024’s cyber landscape, showing how geopolitical conflicts, supply-chain compromises, and advanced ransomware operations disrupted critical sectors and amplified systemic risk. It documents high-impact incidents, sharp increases in DDoS and supply-chain attacks, and the growing convergence of state-aligned APTs with ransomware actors that broadened both capability and reach. #ALPHV…

Veriti’s 2025 report reviews 2024 healthcare cybersecurity, documenting nearly 400 U.S. organizations impacted, widespread ransomware activity (notably LockBit 3.0, ALPHV/BlackCat, BianLian), pervasive misconfigurations, vulnerable medical devices and cloud/IoT exposures that disrupted operations and patient data confidentiality. It calls out dominant CVEs and TTPs (Log4Shell, Fortinet VPN, Zerologon, RDP abuse, Cobalt Strike, double extortion) and urges…

The Health-ISAC 2025 report documents escalating, high-impact cyber threats to the health sector in 2024–2025, highlighting widespread ransomware incidents, supply-chain and third-party risks, nation-state espionage, and growing vulnerabilities in medical devices and IoMT. It calls for stronger information sharing, resilience and risk planning, and faster mitigation of zero-days, credential compromise, and AI-enabled attack techniques. #ChangeHealthcare…

This white paper presents the 2025 US Cyber Industry Exposure Database and Loss Curve (IED), a collaborative, transparent, data-driven model built by Guidewire Cyence and Guy Carpenter that produces OEP/AEP loss curves and industry metrics using Cyence Model 7 and GC policy inputs. It summarizes market-scale estimates (≈4.97M US cyber policies; ~$9.52B estimated written premium;…

This report documents escalating, targeted threats to the finance sector—highlighting state-linked campaigns (notably DPRK-associated Lazarus Group), prolific extortion actors (Cl0p, RansomHub), and emergent malware and exploitation techniques such as BeaverTail, EtherRAT, AiTM phishing, and React2Shell. It stresses supply-chain and edge-infrastructure risk (MOVEit, GoAnywhere, Fortra, Ivanti, Palo Alto), rising AI-driven social engineering, and the urgent need…

The report summarizes the FDIC’s 2024–2025 cybersecurity and resilience activities, covering agency policies, implementation of federal directives (including EO 14028), supervisory programs, incident reporting, and coordination with federal and industry partners. It highlights operational metrics, major threat trends such as supply-chain compromises and ransomware, and priority gaps—while documenting FDIC compliance with CISA directives and ongoing…

This report reveals that internal AI usage is accelerating far faster than organizational policy and oversight, creating a growing insider risk where employees at all levels routinely use AI in ways that can expose sensitive data and create compliance gaps. It calls for expanded AI security that covers people, behaviors, and technical controls and highlights…

The Sophos State of Ransomware in Manufacturing and Production 2025 synthesizes survey responses from 332 manufacturing IT and security leaders to show shifting attack patterns—lower encryption rates, rising extortion without encryption, persistent exploitation of vulnerabilities, and a heavy human toll on IT teams. Key metrics include exploited vulnerabilities as the top technical root cause (32%),…

The Marsh McLennan and Searchlight Cyber study shows a clear, statistically significant correlation between an organization’s exposure on multiple dark web sources and an increased likelihood of suffering a cyber incident within 12 months. The report highlights that specific indicators—especially Compromised Users and Dark Web Market Listings—carry the largest individual risk multipliers and that combining…

The report documents an increasingly industrialized payment-fraud landscape in 2025, driven by scalable Magecart e-skimmers, large purchase-scam networks, OTP interception, and growing AI enablement that together expand attack surfaces and complicate liability. Recommended defenses emphasize intelligence-driven, cross-functional fusion of CTI and fraud operations, proactive detection, and AI-assisted predictive controls. #Magecart #AcceptCar

The Visa Biannual Threats Report (July–December 2024) details rising payments ecosystem threats—enumeration, provisioning fraud, malicious mobile apps, NFC relay attacks, digital skimming, ransomware, and consumer-targeted scams—while describing Visa PERC’s detection, disruption, and mitigation capabilities. Key metrics include a 22% increase in enumeration transactions, about US$1.1B in follow-on fraud from enumeration over a year, US$357M in…

The 2025 SANS SOC Survey evaluates how modern SOCs are staffed, structured, and equipped, highlighting persistent strengths (widespread 24/7 coverage, strong EDR adoption) alongside recurring gaps (staffing shortages, manual metrics, and uncoordinated AI/ML use). The report emphasizes reactive incident response, widespread SIEM data dumping, and growing—but uneven—cloud and AI integration across vendors and product briefings.…

The 2025 SecurityScorecard Global Third-Party Breach Report analyzes 1,000 breaches and finds that 35.5% of 2024 incidents originated via third parties, a 6.5% rise from 2023, underscoring growing supply‑chain exposure and attacker emphasis on vendor access. The report highlights file transfer software, cloud services, state‑sponsored supply‑chain campaigns (notably linked to Chinese groups), prolific ransomware actors…

The 2025 State of Human Risk report shows that human behavior—not technology gaps—is now the dominant driver of breaches, with attackers leveraging AI-powered phishing, collaboration tools, and credential misuse to bypass traditional defenses. High-impact incidents such as the Change Healthcare breach illustrate the massive financial and operational consequences and underscore the urgent need for Human…