Author: Staff Writer

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Summary Points

- DDoS Incidents Persist: Organizations reported an average of 3.85 damaging DDoS attacks in the past year, with larger firms experiencing significantly more severe consequences.
- Investment vs. Confidence Disconnect: While 85% of CISOs increased their DDoS protection budgets this year, only 5% feel fully confident in their defenses, indicating ongoing vulnerabilities.
- Automation Challenges: None of the surveyed firms have fully automated DDoS defenses; reliance on human intervention creates exploitable gaps in security.
- Need for Continuous Testing: 97% of respondents seek automated reporting solutions for vulnerability assessment, highlighting a critical need for ongoing visibility and validation in DDoS protection efforts.…

Quick Takeaways

- Cyberattack on Vendor: A cyberattack on Collins Aerospace, a U.S. company providing check-in technology, has disrupted passenger flights at major European airports, including Heathrow.
- Response Coordination: The U.K.’s National Cyber Security Center is collaborating with Collins Aerospace and law enforcement to assess and respond to the incident.
- Flight Disruptions: Despite the attack, British Airways managed to operate about 90% of its scheduled flights, while Heathrow advised passengers to arrive three hours early for international flights.
- Historical Context: This incident raises concerns regarding the U.S. aviation sector’s vulnerability and reliance on aging technology, highlighted in a recent report on…

Essential Insights

- A new hacking group called ComicForm has targeted organizations in Belarus, Kazakhstan, and Russia since April 2025 with a sophisticated phishing campaign involving malicious executables masquerading as PDFs, aimed at sectors like industry, finance, and biotech.
- The attack chain includes Microsoft DLL loaders and droppers that deploy Formbook malware, while also using benign Tumblr links within malware code for obfuscation, and establishing persistence by creating scheduled tasks and disabling defenses.
- Phishing emails redirect victims to fake login pages that mimic real document management services, extracting credentials and using JavaScript for dynamic data collection, with recent attacks targeting banks…

Top Highlights

- Kawa4096, a sophisticated ransomware group first detected in June 2025, targets major multinational sectors, especially in Japan and the U.S., using well-coordinated, advanced tactics like double extortion and data leaks via dedicated Tor platforms.
- The malware exhibits unique technical traits: automatic re-execution with comprehensive file encryption, creation of a specific mutex (“SAY_HI_2025”), and utilization of embedded configuration resources controlling exclusion lists and system stability measures.
- Kawa4096 employs partial encryption—encrypting only 25% of large files in 64KB chunks using Salsa20 cipher—maximizing damage while minimizing encryption time, and systematically terminates critical processes to facilitate file encryption.
- Its organized, meticulous operational…

Fast Facts

- Growing Scrutiny on AI: As artificial intelligence becomes integral to business operations, it faces increased scrutiny from regulators, customers, and the public, highlighting the need for ethical governance.
- Essential AI Governance Roadmap: A structured AI governance roadmap is vital for ensuring compliance, ethical accountability, and scalability within organizations, particularly when aligned with ISO 42001, the first global standard for AI management.
- Phased Governance Approach: Organizations should build their AI governance in three phases: laying a foundation through risk assessments, establishing a structured framework, and implementing evolving governance practices.
- Competitive Advantage through ISO 42001: Aligning AI governance with ISO…

Top Highlights

- Attackers leverage AI tools like vibe coding and platforms like Netlify and Vercel to easily create convincing fake phishing pages with minimal technical skills and low cost.
- Using free hosting with domains such as .vercel.app or .netlify.app, attackers benefit from the credibility of these platforms, enhancing the deceptive appeal.
- AI-generated phishing pages can be rapidly produced and cloned across many domains, increasing attack volume and the likelihood of successful employee deception.
- The main threat lies in the speed and scale of AI-driven phishing, which surpasses traditional methods, making fake sites harder to detect and combat.

The Core Issue…

Quick Takeaways

- Stellantis confirmed a data breach affecting North American customers, exposing basic contact details but not financial or sensitive personal data.
- Immediate measures included activating incident response protocols, informing affected customers, and notifying federal authorities.
- The incident underscores a rising trend of cyberattacks targeting the automotive industry, largely due to increased reliance on third-party vendors and complex digital ecosystems.
- Industry-wide vulnerabilities are highlighted by recent attacks on Jaguar Land Rover, Toyota, and Honda, with cyber threats rising 50% in early 2025, impacting consumer trust and operational stability.

Underlying Problem

Stellantis, a leading automotive conglomerate that owns brands like Citroën,…

Essential Insights

- Password Vulnerability: Weak and reused passwords remain a major entry point for cyber attackers, leading to costly breaches and operational headaches for IT.
- Real-World Breach Insights: The webinar will highlight real breaches that could have been prevented, demonstrating the costly impacts of compromised credentials.
- Ineffective Traditional Policies: Conventional password policies often fail due to complexity and lack of real-time breach prevention, allowing attackers to exploit vulnerabilities.
- Actionable Solutions: Participants will learn how Specops can enforce user-friendly, compliant password policies and receive a three-step action plan to strengthen security and reduce helpdesk burdens.

The Rising Threat of Weak Passwords…

Fast Facts

- Major European airports experienced disruptions due to a shared digital infrastructure failure, highlighting the vulnerability of interconnected global transportation systems.
- The incident forced travelers into early arrivals, long queues, flight cancellations, and increased manual check-in procedures.
- Airports advised passengers to check flight statuses in advance and arrive well ahead of their scheduled departure times.
- Heathrow emphasized that they support airlines during the outage and recommended travelers verify flight details before heading to the airport.

Key Challenge

Recently, a significant technical failure occurred at several major European airports, disrupting the usual flow of air travel and highlighting the fragility…

Quick Takeaways

- Proactive Cybersecurity Shift: Cybersecurity is transforming from reactive measures to a proactive Threat-Informed Defense (TID) approach, emphasizing operational discipline and tailored defenses based on threat intelligence.
- TID Framework Implementation: The TID framework consists of a six-stage pipeline focused on threat assessment, tracking, mapping, simulation, validation, and quarterly review to continually identify and address security gaps.
- Collaboration is Key: Effective TID requires breaking down silos among security teams, fostering collaboration, and encouraging information sharing to enhance organizational defenses against relevant threats.
- Data-Driven Decision Making: Utilizing metrics from TID, organizations can prioritize security investments, optimize resources, and demonstrate risk reduction,…
