Welcome to our latest Quarterly Threat Landscape Report, and one that, based on the amount of activity, reveals an environment that is particularly challenging for security practitioners to navigate. In this edition, we have witnessed significant geo-political changes with continued conflict across multiple geographies. Combined with the exploitation of critical vulnerabilities only increasing, it is […]
The digital exposure of high-ranking corporate personnel through social media activity, professional profiles, and metadata represents a growing threat vector in the cybersecurity landscape. Threat actors increasingly exploit these digital footprints to conduct targeted campaigns, such as business email compromise (BEC) scams, spear phishing, credential harvesting, and hybrid cyber-physical attacks. What begins as open-source intelligence
Executives Digital Footprints: The overlooked corporate vulnerability Read More »
This Report summarises the work of the Intelligence and Security Committee of Parliament (ISC) for the period from April 2023 to March 2025 and therefore also covers work carried out by the previous Committee, which sat from July 2020 to May 2024.* The Intelligence and Security Committee of Parliament (ISC) is a statutory committee of
Intelligence and Security Committee’s (ISC) Annual Report for 2023–2025 Read More »
In an evolving ransomware landscape in which adversaries seek to evolve past the ability of their victims to defend, ransomware groups are shifting their attack techniques away from phishing to put a greater emphasis on vulnerability abuse. Vulnerability abuse has grown considerably, both in scope and sophistication, as we extensively examined in our previous report,
With the root cause of the majority of data breaches being traced to the human factor, security leaders who continue to invest solely on technology-based security layers run the risk of overlooking a best practise proven to reduce their vulnerability: security awareness training coupled with frequent simulated social engineering testing. This approach both helps raise
The tragedy, upheaval and historic changes of 2020 have been documented countless times over. But as organisations around the world take their first cautious steps to normal, “the year that wasn’t”1 still holds valuable lessons worth exploring. That’s especially true in the realm of cybersecurity. As the global pandemic upended work and home routines, cyber
Based on an independent survey of 499 IT decision makers, this report shares new insights into the state of ransomware in the education sector. It provides a deep dive into the prevalence of ransomware in education, the impact of the attacks, the cost of ransomware remediation, and the proportion of data that education organizations could
The rapid digitization of business processes and the move to remote work in the wake of COVID-19 have put cybersecurity top of mind for government agencies and businesses of all sizes. As organisations increasingly rely on connected networks, cloud services, and hybrid working arrangements, the opportunity for cybercriminals to significantly disrupt operations continues to grow.
EGOV APPS ARE ON THE RISE – BUT HOW SECURE ARE THEY? Mobile eGovernment (eGov) apps create a unique opportunity for governments to interact with their citizens and provide streamlined solutions for them – from eID’s and healthcare apps to tax services apps. eGovernment apps cover a wide range of services and can be highly
Major Government Apps In Asia Leak Sensitive Data And Lack Basic Security Read More »
The year 2020 was without a doubt one of the most consequential and transformational in recent memory: A global pandemic, economic turmoil impacting millions of people’s lives, and social and political unrest. The reverberations from these events affected businesses in profound ways, with many making a major shift to distributed workforces. In the cyber realm,
