2022, Cybersecurity and Technology - Cyber Security Informer

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Hacking Technology

Top Cybersecurity Trends to Watch Out For in 2025

Centraleyes

DECEMBER 16, 2024

As we approach 2025, the cybersecurity landscape is evolving rapidly, shaped by technological advancements, regulatory shifts, and emerging threats. Below is an exhaustive list of key cybersecurity trends to watch out for in 2025. Lets explore the top current cybersecurity trends this year. The challenge?

Cybersecurity

Cybersecurity Insurance Cyber Insurance Technology

Cybersecurity in Aviation: Rising Threats and Modernization Efforts

SecureWorld News

JUNE 9, 2025

Most aviation processes are heavily digitized, and in the wake of new cyber threats, airlines and the broader sector must prioritize cybersecurity more than ever before. As airlines upgrade for connected sky-travel and regulators tighten their grip with new rules, the stakes for cybersecurity have never been higher.

Cybersecurity

Cybersecurity Social Engineering Computers and Electronics Encryption

The Cybersecurity Dimensions of Web Accessibility

SecureWorld News

JANUARY 27, 2025

Aside from the obvious gap in accessing data and web-based resources, this shortfall also entails cybersecurity concerns. Assistive technologies such as screen readers, magnifiers, and voice assistants are terrific, but these tools are cold comfort when a website's design doesn't support them.

Cybersecurity

Cybersecurity Risk Technology Authentication

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

billion in 2022. Today’s technology leaders play a more strategic role in establishing cybersecurity strategy for their organizations. Software is complex, which makes threats to the software supply chain more real every day. In the U.S. alone, cyber losses totaled $10.3

Cybersecurity

Empowering Boards for Cybersecurity Incidents

SecureWorld News

JANUARY 12, 2025

A 2022 PwC study found that 59% of directors admitted their board is not very effective in understanding the drivers and impacts of cyber risks for their organization, emphasizing the critical role of board members in these moments. Postmortems should be used to identify weaknesses in both technology and processes.

Cybersecurity

Cybersecurity Data breaches Ransomware Government

Russia-linked APT28 targets western logistics entities and technology firms

Security Affairs

MAY 21, 2025

CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains Russia-linked cyberespionage group APT28 intensifies its operations against Western logistics and technology companies moving supplies into Ukraine, US CISA warns. ” reads the joint alert.

Technology

Technology Malware Phishing Government

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

SecureWorld News

FEBRUARY 28, 2025

But amidst all these flashy, futuristic threats, the biggest cybersecurity risk remains the same as it's always beenhumans. Cybersecurity Through Human Behaviour just confirmed what most of us in the field already know: Cybersecurity isn't just a tech problemit's a behavior problem. And humbly, we're getting it very wrong.

Cybersecurity

Cybersecurity Risk Social Engineering Phishing

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

Security Affairs

DECEMBER 5, 2024

SOC analysts, vital to cybersecurity, face burnout due to exhausting workloads, risking their well-being and the effectiveness of organizational defenses. These are some of the most important cybersecurity professionals out there, and many of them are being worked to exhaustion. But it doesn’t have to be this way.

Artificial Intelligence

Artificial Intelligence Data collection Risk Cybersecurity

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists. It’s mindboggling, but right now for 49% of respondents, cybersecurity is their primary business concern. March 17, 2022 at 9:30 am PDT, 12:30 pm EDT, 5:30 pm BST DRaaS as the last line of defense.

Ransomware

From Compliance to Confidence: How Thales Helps You Meet ISO/IEC 27001:2022 Head-On

Thales Cloud Protection & Licensing

JULY 17, 2025

From Compliance to Confidence: How Thales Helps You Meet ISO/IEC 27001:2022 Head-On madhav Thu, 07/17/2025 - 12:47 The digital threat landscape today is unrecognizable from 2013, with each year bringing new tech trends and threats. ISO/IEC 27001:2022 is more aligned with today’s risks and more demanding. The result?

Encryption

Encryption Threat Detection Artificial Intelligence Risk

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

eSecurity Planet

FEBRUARY 10, 2025

In a stark warning to organizations and everyday users alike, cybersecurity experts and government agencies have sounded the alarm over a new breed of Gmail-targeted phishing attacks. Expert Advice and Organizational Impact Cybersecurity experts urge organizations to implement robust measures to counter these evolving threats.

Phishing

Phishing Artificial Intelligence Password Management Accountability

How threat actors can use generative artificial intelligence?

Security Affairs

DECEMBER 1, 2024

Generative Artificial Intelligence (GAI) is rapidly revolutionizing various industries, including cybersecurity, allowing the creation of realistic and personalized content. The increasing sophistication of these technologies has made it harder than ever to distinguish real content from fake.

Artificial Intelligence

Artificial Intelligence Phishing Cybercrime Media

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

IT Security Guru

FEBRUARY 25, 2025

The common maxim in cybersecurity is that the industry is always on the back foot. While cybersecurity practitioners build higher walls, adversaries are busy creating taller ladders. MFA Fatigue: The I Give Up Button in Cybersecurity While MFA is extremely effective at preventing unauthorized access, it is not impervious to abuse.

Social Engineering

Social Engineering Authentication Risk Accountability

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. CVE-2022-40684: Admin Control over VPN Infrastructure What is CVE-2022-40684? Rated CVSS 9.8,

VPN

VPN Authentication Ransomware Risk

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022.

VPN

VPN Government Malware Manufacturing

Qilin ransomware gang now offers a “Call Lawyer” feature to pressure victims

Security Affairs

JUNE 22, 2025

This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying to take over space left by rival cybercrime groups. The Qilin ransomware group has been active since at least August 2022 but gained attention in June 2024 for attacking Synnovis , a UK governmental service provider for healthcare.

Ransomware

Ransomware DDOS Cybercrime Healthcare

Understanding the Deepfake Threat

SecureWorld News

FEBRUARY 13, 2025

While initially popularized in entertainment and satire, cybercriminals now weaponize this technology for fraud, identity theft, and corporate deception. According to a 2023 study by Sumsub , deepfake fraud attempts increased by 704% between 2022 and 2023.

Social Engineering

Social Engineering Authentication Identity Theft Engineering

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

A paradigm shift in technology is hurtling towards us, and it could change everything we know about cybersecurity. When ChatGPT was unveiled to the public in late 2022, security experts looked on with cautious optimism, excited about the new technology but concerned about its use in cyberattacks. Uhh, again, that is.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

Top 15 Exploited Vulnerabilities of 2023

SecureWorld News

NOVEMBER 12, 2024

A new joint Cybersecurity Advisory, co-authored by leading cybersecurity agencies from the United States, Australia, Canada, New Zealand, and the United Kingdom, details the vulnerabilities malicious actors routinely exploited in 2023.

Software

Software Cyber threats Risk Passwords

OT Under Siege No More? Fortinet Report Shows Improving Landscape

SecureWorld News

JULY 17, 2025

For cybersecurity professionals safeguarding the intersection of digital and industrial systems, Fortinet's newly released 2025 State of Operational Technology and Cybersecurity Report offers a rare blend of optimism and realism. The report draws a clear line between security maturity and breach frequency.

CISO

CISO Cyber Risk Risk CSO

CISA Secure by Design Initiative Faces Uncertainty Amid Leadership Exits

SecureWorld News

APRIL 23, 2025

The United States Cybersecurity and Infrastructure Security Agency (CISA) is confronting a pivotal moment following the recent resignations of two senior officials who were instrumental in the agency's Secure by Design initiative. Follow SecureWorld News for more stories related to cybersecurity.

Manufacturing

Manufacturing Software Cybersecurity Authentication

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Centraleyes

MARCH 13, 2025

New York, the city that never sleeps, is also the city that takes cybersecurity very seriously. If you’re part of the financial services ecosystem hereor interact with businesses regulated by the New York State Department of Financial Servicesyouve likely come across the NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Financial Services Risk Encryption

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) called buffer overflow vulnerabilities unforgivable defects that put national and economic security at risk. For more information about the threat from quantum computing: Is Quantum Computing a Cybersecurity Threat?

Banking

Banking Cybercrime Cybersecurity Ransomware

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

Security Boulevard

JANUARY 24, 2025

The latest guidance for adopting AI securely comes from the World Economic Forum, whose new Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards report seeks to explain how organizations can benefit from AI while reducing their cybersecurity risks. Maintain an updated inventory of AI applications.

Banking

Banking Cybersecurity Artificial Intelligence Ransomware

Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps

Security Boulevard

NOVEMBER 22, 2024

Organizations are strongly encouraged to review this list and use it to inform their software security strategies ,” reads a Cybersecurity and Infrastructure Security Agency (CISA) statement. The OIG also found that the EPA lacks its own system that water and wastewater facilities can use to report cybersecurity incidents.

Cyber Risk

Cyber Risk Risk Cybersecurity Artificial Intelligence

Zero-day attacks on browsers and smartphones drop, says Google

Malwarebytes

MAY 1, 2025

Cybercriminals are having less success targeting end-user technology with zero-day attacks, said Google’s security team this week. While most attacks do still target personal technology like smartphones and browsers, the focus is moving increasingly to enterprise tech. What does all this mean for you?

Spyware

Spyware Mobile Technology Government

News alert: Wultra secures €3M funding to help financial firms mitigate coming quantum threats

The Last Watchdog

JANUARY 15, 2025

15, 2025, CyberNewswire — Quantum computing is set to revolutionize technology, but it also presents a significant security risk for financial institutions. “Wultra has cutting-edge technology that solves the nightmare of every banker in the world,” says Martin Drdul, co-founder of Tensor Ventures.

Banking

Banking Authentication Technology Marketing

The Implications of Microsoft's New European Security Program

SecureWorld News

JULY 21, 2025

Europe faces escalating cybersecurity challenges in its daily digital operations. While this initiative offers immediate benefits for digital resilience, providing free AI-powered cybersecurity resources to 27 EU nations , it also prompts critical questions about placing extensive security infrastructure in the hands of a single U.S.-based

Cybersecurity

Cybersecurity Technology Cybercrime Cyber threats

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

Jane Frankland

MAY 3, 2025

Cybersecurity isnt just an IT problem; its central to risk management, operational continuity, and customer trust. The Changing Landscape of Cyber Threats AI is transforming the cybersecurity landscape, revolutionising how organisations defend themselves while simultaneously empowering hackers to elevate their methods.

Cyber Attacks

Cyber Attacks Retail Cyber threats Backups

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

Thales Cloud Protection & Licensing

OCTOBER 28, 2024

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation madhav Tue, 10/29/2024 - 04:55 The increasing reliance on digital technologies has created a complex landscape of risks, especially in critical sectors like finance. Underpin technologies with a unified centralized key management regime where appropriate.

Encryption

Encryption Risk Data privacy Technology

The Seabed: A New Digital Frontier to Protect from Threats

SecureWorld News

JULY 22, 2025

The wake of incidents like the Nord Stream pipeline sabotage in September 2022 served as a stark wake-up call, exposing the immense vulnerability of these essential arteries. In response, nations are deploying cutting-edge technologies. Countries from Europe and the U.S., Dedicated Vessels: The U.K.,

Surveillance

Surveillance Artificial Intelligence Technology Digital transformation

Top 20 Cybersecurity Companies You Need to Know in 2025

eSecurity Planet

MARCH 21, 2025

The cybersecurity market is booming, offering many options but not all solutions are created equal. To help you cut through the noise, weve curated a list of 20 top cybersecurity technology providers that stand out for their innovation, impact, and effectiveness. Cisco: Best for Integrated Network Security 16 $242.51

Cybersecurity

Cybersecurity Firewall Marketing Encryption

Disability Access Within the Field of Social Engineering

Security Through Education

APRIL 7, 2025

Based on the 2024 report published by the National Institute on Disability, Independent Living, and Rehabilitation Research, it is estimated that, as of 2022, 13.9 % of the United States population is living with a functional disability. This is ALL adaptive technology! That translates to roughly 46.2 MILLION people in the US alone.

Social Engineering

Social Engineering Engineering Technology Information Security

WhatsApp hack: Meta wins payout over NSO Group spyware

Malwarebytes

MAY 8, 2025

The European Data Protection Supervisor recommended an EU ban on the technology in 2022, although this has not yet happened. For consumers, this means applying more layer of protection in the form of regular updates, security software , and cybersecurity awareness. Facebook has its own initiative.

Spyware

Spyware Hacking Surveillance Government

Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security

Security Boulevard

NOVEMBER 1, 2024

1 - Securing OT/ICS in critical infrastructure with zero trust As their operational technology (OT) computing environments become more digitized, converged with IT systems and cloud-based, critical infrastructure organizations should beef up their cybersecurity by adopting zero trust principles. and the U.K.

CISO

CISO Cybersecurity Authentication Government

Application and API Security in 2025: What Will the New Year Bring?

Thales Cloud Protection & Licensing

DECEMBER 17, 2024

Compounding the challenge, 46% of Account Takeover (ATO) attacks focused on API endpoints, up from 35% in 2022. Prompt Injection and AI Security Risks Generative AI is one of the most exciting technologies in the world right now. Once inside a target network, they could leverage the technology to gain further access.

Risk

Risk Digital transformation Software Technology

The Cybersecurity Challenge in Mergers and Acquisitions

Digital Shadows

DECEMBER 5, 2024

As enterprises navigate the intricate maze of legal and financial negotiations involved in merging two distinct entities, cybersecurity often takes a backseat: Deals are conducted behind closed doors, giving senior security staff little time to manage the complexities of the transition.

Cybersecurity

Cybersecurity Accountability Risk Software

Frequently Asked Questions About Iranian Cyber Operations

Security Boulevard

JUNE 27, 2025

government agencies, including the Cybersecurity and Infrastructure Security Agency (CISA). Threat actor Activity HomeLand Justice Carried out destructive attacks against the Government of Albania in 2022, utilizing ransomware and disk wiping malware. CVE-2022-42475 Fortinet ForiOS Heap-Based Buffer Overflow [ 1 ] [ 2 ] 9.8

Accountability

Accountability Passwords Authentication Energy and Utilities

2024 Thales Global Data Threat Report: Trends in Financial Services

Thales Cloud Protection & Licensing

OCTOBER 14, 2024

As a result, FinServ organizations have some of the largest cybersecurity budgets and most advanced defenses. However, this can be attributed to the fact that the proportion of financial services firms using multiple hyperscalers rose from 54% in 2022 to 73% in 2024, marking a 19 percentage point increase.

Financial Services

Financial Services Threat Reports Authentication Banking

News alert: INE Security highlights monthly CVE Labs aimed at sharpening real-world defense

The Last Watchdog

MAY 14, 2025

Cary, NC, May 14, 2025, CyberNewswire — INE Security , a global leader in hands-on cybersecurity training and certifications, today highlighted how ongoing real-world practice with the latest CVEs (Common Vulnerabilities and Exposures) is essential for transforming security teams from reactive to proactive defenders.

Authentication

Authentication Cybersecurity Risk Media

Application and API Security in 2025: What Will the New Year Bring?

Thales Cloud Protection & Licensing

DECEMBER 17, 2024

Compounding the challenge, 46% of Account Takeover (ATO) attacks focused on API endpoints, up from 35% in 2022. Prompt Injection and AI Security Risks Generative AI is one of the most exciting technologies in the world right now. Once inside a target network, they could leverage the technology to gain further access.

Risk

Risk Technology CISO Threat Detection

Canada bans Hikvision over national security concerns

Security Affairs

JUNE 30, 2025

following a national security review under the Investment Canada Act: pic.twitter.com/Gvl6aWRxyQ — Mélanie Joly (@melaniejoly) June 28, 2025 The ban includes its business and technology use. Hikvision (officially Hangzhou Hikvision Digital Technology Co., ” In 2022, the U.S.

Surveillance

Surveillance Government Manufacturing Technology

Biden Signs New Cybersecurity Order

Schneier on Security

JANUARY 20, 2025

President Biden has signed a new cybersecurity order. It has a bunch of provisions, most notably using the US governments procurement power to improve cybersecurity practices industry-wide. The directive also kicks off updates to the National Institute of Standards and Technologys secure software development guidance.

Cybersecurity

Cybersecurity Government Software Technology

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Top Cybersecurity Trends to Watch Out For in 2025

Trending Sources

Cybersecurity in Aviation: Rising Threats and Modernization Efforts

The Cybersecurity Dimensions of Web Accessibility

Software Composition Analysis: The New Armor for Your Cybersecurity

Empowering Boards for Cybersecurity Incidents

Russia-linked APT28 targets western logistics entities and technology firms

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

From Compliance to Confidence: How Thales Helps You Meet ISO/IEC 27001:2022 Head-On

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

How threat actors can use generative artificial intelligence?

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

China’s Volt Typhoon botnet has re-emerged

Qilin ransomware gang now offers a “Call Lawyer” feature to pressure victims

Understanding the Deepfake Threat

New AI “agents” could hold people for ransom in 2025

Top 15 Exploited Vulnerabilities of 2023

OT Under Siege No More? Fortinet Report Shows Improving Landscape

CISA Secure by Design Initiative Faces Uncertainty Amid Leadership Exits

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps

Zero-day attacks on browsers and smartphones drop, says Google

News alert: Wultra secures €3M funding to help financial firms mitigate coming quantum threats

The Implications of Microsoft's New European Security Program

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

The Seabed: A New Digital Frontier to Protect from Threats

Top 20 Cybersecurity Companies You Need to Know in 2025

Disability Access Within the Field of Social Engineering

WhatsApp hack: Meta wins payout over NSO Group spyware

Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security

Application and API Security in 2025: What Will the New Year Bring?

The Cybersecurity Challenge in Mergers and Acquisitions

Frequently Asked Questions About Iranian Cyber Operations

2024 Thales Global Data Threat Report: Trends in Financial Services

News alert: INE Security highlights monthly CVE Labs aimed at sharpening real-world defense

Application and API Security in 2025: What Will the New Year Bring?

Canada bans Hikvision over national security concerns

Biden Signs New Cybersecurity Order

Stay Connected