Continuous Monitoring and Protection
Business Security Who’s to blame when the AI tool managing a company’s compliance status gets it wrong? Tony Anscombe 07 Aug 2025 • , 3 min. read If you put a group of CISOs in a room, they are all likely to wait for one of them to declare they have the answer, the silver bullet, that solves the issue of the day. In reality, however, what needs to happen is that all the CISOs…
Read MoreBusiness Security Success in cybersecurity is when nothing happens, plus other standout themes from two of the event’s keynotes Tony Anscombe 07 Aug 2025 • , 3 min. read The 2025 edition of the Black Hat USA conference kicked off with an address from founder Jeff Moss that featured several thought-provoking comments. Among other things, he remarked that technology has become political and pointed to geopolitical sanctions and bans that limit cooperation and hit revenues,…
Read MoreA new documentary series about cybercrime airing next month on HBO Max features interviews with Yours Truly. The four-part series follows the exploits of Julius Kivimäki, a prolific Finnish hacker recently convicted of leaking tens of thousands of patient records from an online psychotherapy practice while attempting to extort the clinic and its patients. The documentary, “Most Wanted: Teen Hacker,” explores the 27-year-old Kivimäki’s lengthy and increasingly destructive career, one that was marked by cyber…
Read MoreTwo different firms have tested the newly released GPT-5, and both find its security sadly lacking. After Grok-4 fell to a jailbreak in two days, GPT-5 fell in 24 hours to the same researchers. Separately, but almost simultaneously, red teamers from SPLX (formerly known as SplxAI) declare, “GPT-5’s raw model is nearly unusable for enterprise out of the box. Even OpenAI’s internal prompt layer leaves significant gaps, especially in Business Alignment.” NeuralTrust’s jailbreak employed a…
Read MoreSecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. Here are this…
Read MoreThreat actors are embracing ClickFix, ransomware gangs are turning on each other – toppling even the leaders – and law enforcement is disrupting one infostealer after another ESET Research 05 Aug 2025 • , 1 min. read “It’s all fun and games until someone gets hurt” could well be the title of the latest ESET Threat Report, as cybercriminals play new mind games with their victims, wage full-on deathmatches among themselves, and become the hunted…
Read MoreOn July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered an ongoing frenzy of speculation and panic among XSS denizens about the identity of the unnamed suspect, but the consensus is that he is a pivotal figure in the crime forum scene who goes by…
Read MoreRestricting end-to-end encryption on a single-country basis would not only be absurdly difficult to enforce, but it would also fail to deter criminal activity Tony Anscombe 01 Aug 2025 • , 5 min. read The UK Government wants access, when requested, to the end-to-end encrypted messages and data for everyone in the UK. The reasons are to specifically tackle serious crimes, such as terrorism and child sex abuse. The UK Government is not alone in…
Read MoreHere’s what you need to know about the inner workings of modern spyware and how to stay away from apps that know too much 01 Aug 2025 The world of espionage has gone digital. Rather than involving trench coats and secret missions, it’s now about silent cyberthreats that can turn phones into secret surveillance devices. In other words, today’s battleground is in people’s pockets, as malicious tools pose as everyday apps and can, in extreme…
Read MoreHere’s a look at cybersecurity stories that moved the needle, raised the alarm, or offered vital lessons in July 2025 31 Jul 2025 With another month behind us, it’s time for ESET Chief Security Evangelist Tony Anscombe to look at cybersecurity stories that made an impact and offered vital lessons in July 2025. Here’s Tony’s rundown of some of what stood out most over the past 30 or so days. attacks targeting on-premises Microsoft SharePoint…
Read More