Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Shed a tear, if you can, for the poor, misunderstood cybercriminals hard at work trying to earn a dishonest crust by infecting organisations with ransomware. Newly released research has revealed that the riches to be made from encrypting a company's data and demanding a ransom are not proving so easy to come by as they once were. Because, although the number of ransomware attacks are reported to have reached record-breaking heights in the first months of 2025, gangs' profits are thought to be plummeting.

If you’re a government contractor working with the Department of Defense (DoD), you’ve likely heard about the Cybersecurity Maturity Model Certification (CMMC)—but in 2025, it’s no longer just something to “keep an eye on.” It’s a requirement that’s actively shaping who gets contracts and who doesn’t. Here’s why CMMC is so important now, what’s changed, and what you need to do to stay compliant and competitive.

They may be at different stages in their journey, but Argentina and Brazil are both headed to the same destination: integration of stablecoins into the fabric of their financial systems. We’ve seen the headlines that both countries are keen cryptocurrency adopters.

As much as some people dislike it, the world is interconnected, and to operate a business successfully, you will have to use the products or services produced by other businesses. Under normal circumstances, this is fine. However, when you’re a contractor looking to work with a department of the federal government, you have to adhere to higher standards.

Reliable energy is the backbone of any modern society. It powers our homes, industries, and economies. But what happens when this essential infrastructure becomes a target for cyberattacks? In Europe, the energy sector is facing an escalating threat landscape, with potentially dire consequences.

Websites that handle personal data from Australian residents must comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988. The Office of the Australian Information Commissioner (OAIC) enforces these laws, and non-compliance can result in legal penalties and reputational harm. Many businesses operating in Australia are caught unprepared when it comes to OAIC compliance requirements.

Cybercriminals are capitalizing on tax season by launching phishing campaigns targeting QuickBooks users, Malwarebytes reports. The attack begins with a malicious Google ad that appears at the top of the page when a user searches for QuickBooks. The website’s domain, “quicckboorks-acccountingcom,” is designed to trick users who don’t closely examine the URL.

CVE Trends, Vulnerabilities of SSRF On March 25, 2024, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint cybersecurity advisory about an increasing yet commonly overlooked web application vulnerability, Server-Side Request Forgery (SSRF).

The UK’s ambition to become a global leader in artificial intelligence (AI) marks a transformative era. However, the foundation of this progress—the energy sector—has emerged as a prime target for cybercriminals. While AI-driven technologies offer greater efficiency and resilience, they also heighten the sector’s vulnerability to cyberattacks. To sustain the nation’s AI advancements, ensuring the security of the energy infrastructure must be a critical priority.

You’ve done the work—mapped the risks, built the roadmap, secured the right tools. But when it’s time to face the board, the conversation stalls. Not because you’re wrong. Because you’re speaking a different language. Boards don’t operate in threat models and tech stacks. They operate in risk, revenue, and accountability. And if you want their support, you need to meet them there.