Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest ENISA reports help inform about threat response and a more effective, risk-based approach to cybersecurity In December 2024, the European Union Agency for Cybersecurity (ENISA) released its first-ever report on the state of cybersecurity in the Union. The report, which was prepared in accordance with Article 18 of the NIS2 Directive, is a comprehensive, evidence-based overview of the cybersecurity ecosystem across EU Member States.

The good news is that advanced email protection methods do not necessarily call for a trade-off. Generative AI (GenAI) is both a way to embrace innovation and an enabler of robust defense mechanisms to take action against dangers that are increasingly difficult to counter. Investing in this technology at any stage of your email security program can make your organization adaptive, future-focused, and fully prepared to mitigate the risks posed by cybercriminals leveraging AI tools for malicious purposes.

Japan’s National Police Agency (NPA) has attributed more than 200 cyber incidents over the past five years to the China-aligned threat actor “MirrorFace,” Infosecurity Magazine reports.

In the spring of 2024, the FBI warned U.S citizens of a spear phishing campaign by state-sponsored North Korean threat actors.

On January 14, 2025, Fortinet published a security advisory for CVE-2024-55591, an authentication bypass using an alternate path or channel vulnerability in FortiOS and FortiProxy. A remote threat actor can craft requests to the Node.js websocket module to gain super-admin privileges.

Many organizations across critical industries such as healthcare, manufacturing and energy rely on legacy Windows operating systems to run essential equipment. These systems, while operationally vital, are notoriously difficult and costly to upgrade — leaving them vulnerable to modern cyber threats. CrowdStrike is addressing this challenge by expanding our legacy support with the general availability of CrowdStrike Falcon for Legacy Systems.

Insider threats are among the most elusive and damaging forms of cybersecurity risk. According to the Ponemon Institute, 71% of organizations experienced between 21 and 41 insider incidents in 2023, up 67% over the previous year. The average annual cost of insider threats also climbed to $16.2 million per organization, the report found.