180,000 ICS/OT Devices and Counting: The Unforgivable Exposure

Remember when ICS malware was “rare”? Last year we got two new families built for one thing: disruption. FrostyGoop and Fuxnet are not Mirai with a wrench taped on or your typical DDoS botnet. They were built to target and disable devices that use Meter-bus and Modbus protocols, inflicting maximum damage. If you still believe that “our PLCs aren’t on the Internet,” then this is your nudge to actually go and check.

CISA Advisory: CVE-2025-20333 for Cisco Firewall Devices

CVE-2025-20333 is a critical, actively exploited zero-day vulnerability impacting Cisco firewall devices, specifically those running unpatched versions of Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) software. It is one of two zero-days currently being weaponized by cyber threat actors, posing a significant and immediate threat to enterprise network perimeters. The vulnerability has a CVSS base score of 9.9. At this time, NVD has not released a formal entry for CVE-2025-20333.

From Ransomware to Exposed ATMs: How Adversaries Target Financial Institutions

The financial sector remains one of the most targeted industries for cybercriminals and nation-state actors due to the sensitivity of customer data, the high value of financial transactions, and the critical role these institutions play in global stability. Bitsight’s 2025 State of the Underground report found that underground markets listed nearly 14.5 million compromised credit cards in 2024, representing a 20% increase over 2023. This growth was driven entirely by a surge in US-issued cards.

From Lure to Breach: 3 Phishing Tactics to Watch

In our previous post, The ABC’s of Ishing, we broke down the foundational tactics used by cybercriminals to deceive users and gain unauthorized access. This follow-up report expands on that foundation by exploring three evolving phishing threats that go beyond traditional email lures. Angler Phishing, Calendar Phishing, and Captcha Phishing each exploit trust in everyday digital tools—social media platforms, calendar invites, and CAPTCHA challenges.

What's In an Identity? The Executive Attack Surface and Rising Threat of VIP Impersonation

With time, effort, and a blessing from the LinkedIn networking Gods, a high-level executive's identity can be transformative for a company. More than just a name and title, these executives become symbols of authority and trust, someone employees, customers, and partners instinctively follow. Personas like Elon Musk and Tim Cook instill confidence and belief in their employees and consumers by championing their products and their ethos.

Collision Course: The Inevitable Convergence of Third Party Risk and Exposure Management

In February 2024, a ransomware attack on a critical player in the US healthcare infrastructure sent shockwaves through the US and globally. Pharmacies were unable to process prescriptions using patients' insurance, leading to delays in medication dispensing and highlighting the fragility of the healthcare supply chain. Hospitals and medical offices faced severe operational disruptions, struggling to provide patient care, submit insurance claims, and receive payments.

Hack to School: Top 10 Cyber Threats Facing the Education Sector in 2025

As students return to classrooms, a different kind of "back-to-school" activity is ramping up: Hack-to-School. Cybercriminals and nation-state actors are intensifying their focus on educational institutions. According to Bitsight Threat Intelligence, the education sector is now the third-most targeted industry by cyber threat actors, facing a wide range of persistent and emerging risks.

Bitsight GIA Update: How Gen-AI and LLMs Get You Faster (and Better) Entity Mapping

Bitsight’s mission to keep evolving the capability of our data engine through AI enhancements hit a new milestone today. The latest addition is a new entity mapping capability added to Bitsight AI and the data engine, which uses GenAI agents to create more complete and consistent sets of identifiers for organizations scanned and added to Bitsight’s entity inventory.

Patch vs. Workaround: How CVEs Actually Get Fixed

In order to collect various security-related metrics, Bitsight scans the entire internet, collecting a unique set of data that enables us to carry out a variety of studies that would be extremely difficult for any other company to conduct. One of the metrics that we collect is related to the presence of certain vulnerabilities. For this, we need to take into consideration all possible mitigation strategies that are available and that allow us to reduce the risk.