Cybersecurity is a vital concern for organisations, but many security strategies fall short: recent research shows that 44% of UK companies are lacking in basic cybersecurity skills. The consequences of poor security go far beyond the direct impacts of cyberattacks, and the benefits of effective security are numerous as well.

London is one of the smartest and most interconnected cities in the world. Digital infrastructure plays a role in almost every facet of society, streamlining public transport, improving healthcare provision, boosting sustainability, and more. However, this reliance on technology has left London’s critical national infrastructure (CNI) perilously vulnerable to digital attacks.

As another year comes to an end, it’s not only Santa who brings presents for those on his nice list. These days, it’s quite common for well-known firms to publish their annual roundups of the most notable events that have taken place in the cybersecurity landscape, together with predictions of what can we expect in next twelve months.

As 2024 comes to a close, we went around the room and asked some of Trustwave’s top executives what cybersecurity issues and technology they saw playing a prominent role in 2025. Here is the latest installment. As we look ahead to 2025, the landscape of cyber threats continues to evolve, presenting new challenges for cybersecurity professionals.

On December 16, 2024, BeyondTrust published a security advisory outlining a vulnerability impacting their Remote Support (RS) and Privileged Remote Access (PRA) software. The flaw, CVE-2024-12356, is a critical severity command injection vulnerability. If successfully exploited it can allow an unauthenticated remote threat actor to execute underlying operating system commands within the context of the site user.

Adversaries are advancing faster than ever, exploiting the growing complexity of business IT environments. In this high-stakes threat landscape, generative AI (GenAI) is a necessity. With organizations grappling with skills shortages, sophisticated adversaries and operational complexity, 64% of security professionals have already kicked off their GenAI purchase journey.

Picture this scenario: You’ve used every tool you have to secure your web pages and forms so patient information is safe. One day, a potential patient Googles “hysterectomy options” and ends up on your hospital’s website. They browse around, maybe even schedule an appointment online. You have no reason to worry, right? Because you’ve done what you could to secure those pages.

Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November 2023 to October 2024. Analyzing data from its GreyMatter platform and dark web activity, ReliaQuest found that utilities like water and energy systems are disproportionately affected. Their critical role in infrastructure makes them prime targets for cybercriminals.

Delivering exceptional performance and protection in rigorous evaluations Elastic Security has achieved remarkable results in the recent AV-Comparatives Business Security Test. This independent assessment underscores our commitment to providing world-class malware protection.

Threat actors are using voice phishing (vishing) attacks via Microsoft Teams in an attempt to trick victims into installing the DarkGate malware, according to researchers at Trend Micro. “The attacker used social engineering to manipulate the victim to gain access and control over a computer system,” Trend Micro says.