Ransomware has a long history, first established in 1989 with the introduction of the AIDS Trojan, of use by criminals to force organizations and regular people to hand over money. Trustwave SpiderLabs follows the continuously changing history of ransomware and those behind the malware in Energy and Utilities Sector Deep Dive: Ransomware Threat Groups, a supplementary report to the team’s just released 2025 Trustwave Risk Radar Report: Energy and Utilities Sector.

One of the primary goals of information security is to protect data, which of course entails protecting the resources that store and provide access to that data. According to the NIST Cybersecurity Framework, organizations need to develop and implement the necessary protections to restrict or mitigate the effect of a possible cybersecurity incident. Security should be integrated right from the source of the cloud architecture design process.

Phishing attacks are the most common security issue for smartphone users, according to a new study by Omdia. The survey found that nearly a quarter (24%) of respondents have fallen victim to a mobile phishing attack. The second most common mobile threat was malware, which is usually delivered via social engineering. The researchers note that phishing attacks reached all the smartphones assessed in the study, regardless of vendor.

In order to protect your company from online dangers, network security management is crucial as our world becomes more digital. Because cyberattacks are becoming more frequent and sophisticated, companies need to have strong policies in place to safeguard their sensitive data and critical infrastructure. By employing stringent access restrictions and monitoring technologies, network security management safeguards your network and guarantees its proper operation.

As we begin 2025, the cybersecurity landscape faces unprecedented change. Recently, on the Razorwire Podcast, I was joined by industry experts Richard Cassidy and Oliver Rochford who shared their insights about emerging threats, market dynamics and technological evolution that will shape security strategies in the coming year. From the rise of AI-powered threats to complex regulatory challenges, their analysis revealed both opportunities and risks that organisations must navigate.

Discover how to enhance your Joomla site’s security and streamline user authentication with OAuth.

Modern software applications operate within increasingly complex ecosystems, spanning multiple layers of the stack—from the user interface and application logic to APIs, databases, and third-party dependencies. Each layer introduces unique vulnerabilities, often requiring specialized domain expertise to identify and mitigate.

2023 saw a huge number of devastating cyberattacks, from crippling ransomware campaigns to breaches targeting critical infrastructure. As threat actors employ increasingly innovative tactics, understanding the most significant attacks and their implications is essential for building robust defenses. This article analyzes the top cyberattacks of 2023 and their impacts, reveals emerging trends, and provides actionable strategies to protect your organization against modern threats.

As cyber threats continue to evolve, organizations face a growing challenge: protecting their most critical assets – identities. With identity now at the heart of security strategies, 2025 marks a pivotal year for addressing identity-centric risks, making Identity Threat Detection and Response (ITDR) a vital component of enterprise security.

A new survey by cybersecurity vendor Netwrix found that 84% of healthcare organizations spotted a cyberattack in the past twelve months, with phishing attacks accounting for 63% of these incidents. “Phishing was the most common type of incident experienced on premises, similar to other industries,” Netwrix says. “Account compromise topped the list for cloud attacks: 74% of healthcare organizations that spotted a cyberattack reported user or admin account compromise.”