X-Industry

While threat actors continue to rely on many “classic” tactics that have existed for decades, our threat predictions for the coming year largely focus on cybercriminals embracing bigger, bolder, and, from their perspectives, better attacks.  From Cybercrime-as-a-Service (CaaS) groups becoming more specialized to adversaries using sophisticated playbooks that combine both digital and physical threats, cybercriminals are upping the ante to execute more targeted and harmful attacks.

In its 2025 thr

The UK's competition watchdog sniffed around the AI industry with a bit more interest than usual on 11 April at an antitrust event in the US.  Speaking at the 72nd Antitrust Law Spring Meeting in Washington DC, Sarah Cardell, CEO of the UK Competition and Markets Authority, discussed "growing concerns" that the web of connected partnerships between AI technology companies may hinder competition.  "I think it’s fair to say that when we started this work, we were curious," said Cardell.  "Now, wit

In the realm of cyber security, the objective is to shield systems, networks, and software applications from digital assaults. These digital threats typically have the intentions of either evaluating, altering, or compromising confidential data, extracting money from users, or disrupting regular business operations. The task of establishing robust cyber security defenses presents a formidable challenge in the contemporary landscape, chiefly due to the proliferation of devices surpassing the huma

Regarding cybersecurity, misconfigurations can create exploitable issues that can cause vulnerabilities later.  The following are some common-sense security misconfigurations that can easily be avoided.[1]

Development permissions that do not get changed when something goes live.  For example, AWS S3 buckets are often assigned permissive access while development is going on.  The issues arise when security reviews are not carefully performed prior to pushing the code live, no matter if that push