Risk resilience: Navigating the risks that board’s can’t ignore in 2025

2025 promises to be a pivotal year for corporate leaders. Technological advancements, geopolitical shifts, and heightened risks demand unprecedented vigilance and agility. Here’s the real question – how prepared is your board to confront these challenges and turn them into opportunities? The risks of tomorrow are already taking shape. Generative AI has rapidly emerged as a transformative force, offering unprecedented opportunities for innovation and efficiency – but its ethical and nefarious uses remain top of mind. Cybersecurity remains a perennial...

Read More

COOs Will Make Impact-Based Security a Mainstream Requirement

Cyber risk management accounts for the probability of attacks on operational technology (OT) at large industrial facilities, including all the components that control equipment, automation, safety, network communications, their infrastructure, and more. However, a gap often exists between the CISO and OT manager at these facilities in terms of who is responsible for overseeing OT security for certain systems and devices. Some vulnerabilities may allow exploits hidden in equipment to install malware that later compromises related systems and devices....

Read More

HawkEye Malware: Technical Analysis

HawkEye, also known as PredatorPain (Predator Pain), is a malware categorized as a keylogger, but over the years, it has adopted new functionalities that align it with the capabilities of other tools like stealers. History of HawkEye HawkEye emerged before 2010, with records of its use and sale dating back to 2008, making it quite long-lived. After several spearphishing campaigns...

Read More

Ransomware spreading through Microsoft Teams

Black Basta ransomware, a notorious cybercrime group, has recently resurfaced in the news for its new and alarming method of spreading file-encrypting malware through Microsoft Teams. Teams, a widely used messaging and collaboration app, has become a target for this group, which typically operates within the technology, finance, and public sector industries. This tactic was first observed in October 2024, and it marks a shift in the group’s approach to deploying malware. Black Basta, active since April 2022, has previously relied on spam and social...

Read More

Protecting Against Inevitable Insider Threats

The seven pillars of the Department of Defense (DOD) Zero Trust Reference Architecture provide a comprehensive framework for securing today’s organizations. However, the data layer – arguably the most critical and foundational pillar – remains insufficiently addressed. This gap is evident in the persistent and increasingly detrimental cyberattacks targeting sensitive data across all industries, underscoring the urgent need for a more robust and actionable approach to data-level security within the Zero Trust model. It’s important to clearly delineate...

Read More