Darktrace: The State of Cybersecurity in the Finance Sector 2025

This report documents escalating, targeted threats to the finance sector—highlighting state-linked campaigns (notably DPRK-associated Lazarus Group), prolific extortion actors (Cl0p, RansomHub), and emergent malware and exploitation techniques such as BeaverTail, EtherRAT, AiTM phishing, and React2Shell. It stresses supply-chain and edge-infrastructure risk (MOVEit, GoAnywhere, Fortra, Ivanti, Palo Alto), rising AI-driven social engineering, and the urgent need for AI-enabled defenses, governance, and cross-sector collaboration. #BeaverTail #LazarusGroup

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The report summarizes the FDIC’s 2024–2025 cybersecurity and resilience activities, covering agency policies, implementation of federal directives (including EO 14028), supervisory programs, incident reporting, and coordination with federal and industry partners. It highlights operational metrics, major threat trends such as supply-chain compromises and ransomware, and priority gaps—while documenting FDIC compliance with CISA directives and ongoing initiatives like Zero Trust and cloud hardening. #Ivanti #MidnightBlizzard

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

This report reveals that internal AI usage is accelerating far faster than organizational policy and oversight, creating a growing insider risk where employees at all levels routinely use AI in ways that can expose sensitive data and create compliance gaps. It calls for expanded AI security that covers people, behaviors, and technical controls and highlights urgent needs for clear policy, industry-specific risk modeling, and guardrails across SaaS, cloud, edge, and self-hosted environments. #F5 #InsiderAI

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The Sophos State of Ransomware in Manufacturing and Production 2025 synthesizes survey responses from 332 manufacturing IT and security leaders to show shifting attack patterns—lower encryption rates, rising extortion without encryption, persistent exploitation of vulnerabilities, and a heavy human toll on IT teams. Key metrics include exploited vulnerabilities as the top technical root cause (32%), a median ransom demand of $1.2M, and extortion-only attacks rising to 10% of incidents. #Sophos #Manufacturing

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The Marsh McLennan and Searchlight Cyber study shows a clear, statistically significant correlation between an organization’s exposure on multiple dark web sources and an increased likelihood of suffering a cyber incident within 12 months. The report highlights that specific indicators—especially Compromised Users and Dark Web Market Listings—carry the largest individual risk multipliers and that combining multiple sources yields a stronger, more actionable estimate of breach risk. #SearchlightCyber #MarshMcLennan

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The report documents an increasingly industrialized payment-fraud landscape in 2025, driven by scalable Magecart e-skimmers, large purchase-scam networks, OTP interception, and growing AI enablement that together expand attack surfaces and complicate liability. Recommended defenses emphasize intelligence-driven, cross-functional fusion of CTI and fraud operations, proactive detection, and AI-assisted predictive controls. #Magecart #AcceptCar

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The Visa Biannual Threats Report (July–December 2024) details rising payments ecosystem threats—enumeration, provisioning fraud, malicious mobile apps, NFC relay attacks, digital skimming, ransomware, and consumer-targeted scams—while describing Visa PERC’s detection, disruption, and mitigation capabilities. Key metrics include a 22% increase in enumeration transactions, about US$1.1B in follow-on fraud from enumeration over a year, US$357M in scam-related fraud detected in 12 months, a 51% rise in ransomware/data-breach incidents, and over 20,000 fraudulent eCommerce domains identified; #JokersStash #NFCGate

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The 2025 SANS SOC Survey evaluates how modern SOCs are staffed, structured, and equipped, highlighting persistent strengths (widespread 24/7 coverage, strong EDR adoption) alongside recurring gaps (staffing shortages, manual metrics, and uncoordinated AI/ML use). The report emphasizes reactive incident response, widespread SIEM data dumping, and growing—but uneven—cloud and AI integration across vendors and product briefings. #SANS #ProphetAI

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The 2025 SecurityScorecard Global Third-Party Breach Report analyzes 1,000 breaches and finds that 35.5% of 2024 incidents originated via third parties, a 6.5% rise from 2023, underscoring growing supply‑chain exposure and attacker emphasis on vendor access. The report highlights file transfer software, cloud services, state‑sponsored supply‑chain campaigns (notably linked to Chinese groups), prolific ransomware actors such as C10p, and concrete TPRM actions organizations should adopt now. #C10p #Ivanti

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The 2025 State of Human Risk report shows that human behavior—not technology gaps—is now the dominant driver of breaches, with attackers leveraging AI-powered phishing, collaboration tools, and credential misuse to bypass traditional defenses. High-impact incidents such as the Change Healthcare breach illustrate the massive financial and operational consequences and underscore the urgent need for Human Risk Management and stronger collaboration-tool protections. #ChangeHealthcare #MicrosoftTeams

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

K7Security’s Q2 2025-26 Cyber-Threat-Monitor highlights a 19% global Infection Rate driven by persistent exploitation of legacy flaws (notably MS17-010/EternalBlue), widespread adware and hack-tool prevalence on Windows, and dominant Trojan activity on Android (86%) and macOS (88%). Executive findings emphasize “vulnerability debt,” human-centric phishing, supply-chain and edge-device attacks, and recommendations to prioritize patching, MFA, behavioral detection, and third‑party risk assessments. #MS17-010 #EternalBlue

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The Q3 2025 Rapid7 Threat Landscape Report documents accelerating zero-day and mass-exploitation activity, consolidation and innovation among ransomware groups (notably Qilin), increasing supply-chain and nation‑state espionage, and the operationalization of AI for social engineering and evasive malware. Major metrics include 53 newly observed exploited CVEs, 88 active ransomware leak-site groups, and U.S. victims accounting for 67% of ransom posts; high-impact incidents targeted Microsoft SharePoint, CrushFTP, GoAnywhere MFT, and multiple Cisco products. #Qilin #LAMEHUG #SharePoint #GoAnywhere #CrushFTP #PathWiper

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

The H1 2025 ESET Threat Report documents rapid shifts in the threat landscape—highlighting the explosive rise of ClickFix social engineering, SnakeStealer’s emergence as the top infostealer, Android adware surges driven by Kaleidoscope, and a dramatic increase in NFC fraud. It also covers coordinated disruptions of Lumma Stealer and Danabot, growing ransomware infighting (including RansomHub and DragonForce), and key telemetry changes such as a 517% rise in ClickFix detections and a 160% jump in Android adware. #ClickFix #SnakeStealer

Read More
Darktrace: The State of Cybersecurity in the Finance Sector 2025

BioCatch’s Global Scams Report 2025 documents a rapid, global escalation in authorized push payment (APP) scams driven by real-time payments, social engineering, and GenAI-enabled scaling, and highlights the industrialization of fraud including trafficked scam compounds. The report pairs regional breakdowns, hard statistics, and a case study to show steep rises in vishing, smishing, romance, and investment scams and calls for behavioral-intelligence defenses and cross-industry collaboration. #BioCatch #FasterPayments

Read More