Phishing attacks are the most common security issue for smartphone users, according to a new study by Omdia. The survey found that nearly a quarter (24%) of respondents have fallen victim to a mobile phishing attack. The second most common mobile threat was malware, which is usually delivered via social engineering. The researchers note that phishing attacks reached all the smartphones assessed in the study, regardless of vendor.

Modern software applications operate within increasingly complex ecosystems, spanning multiple layers of the stack—from the user interface and application logic to APIs, databases, and third-party dependencies. Each layer introduces unique vulnerabilities, often requiring specialized domain expertise to identify and mitigate.

2023 saw a huge number of devastating cyberattacks, from crippling ransomware campaigns to breaches targeting critical infrastructure. As threat actors employ increasingly innovative tactics, understanding the most significant attacks and their implications is essential for building robust defenses. This article analyzes the top cyberattacks of 2023 and their impacts, reveals emerging trends, and provides actionable strategies to protect your organization against modern threats.

As cyber threats continue to evolve, organizations face a growing challenge: protecting their most critical assets – identities. With identity now at the heart of security strategies, 2025 marks a pivotal year for addressing identity-centric risks, making Identity Threat Detection and Response (ITDR) a vital component of enterprise security.

The modern threat landscape is vastly different than it was just a few short years ago. The cloud is no longer a tool running alongside on-premises infrastructure. It’s now the backbone of modern organizations — nine in ten businesses see the cloud as “essential for growth,” according to a Deloitte study. It’s easy to see why, as cloud computing unlocks numerous efficiencies for small to mid-tier organizations looking to compete on a global scale.

The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. The new legislation proposes penalties for various cybersecurity-related offences. But they key one which has people concerned is this: The problem is, of course, that such a law may discourage the reporting of any potential data leaks.

In the realm of cybersecurity, ensuring the authenticity and integrity of transactions or communications is paramount. Non-repudiation, a principle that prevents individuals or entities from denying their actions, is a cornerstone of this assurance. This blog post delves into the best practices and techniques for integrating non-repudiation into your security strategy, safeguarding your digital interactions against disputes and fraud.

On January 22, 2025, Arctic Wolf began observing a campaign involving unauthorized access to devices running SimpleHelp RMM software as an initial access vector. Roughly a week prior to the emergence of this campaign, several vulnerabilities had been publicly disclosed in SimpleHelp by Horizon3 (CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728).

In a recent webinar, I chatted with Matt Woodruff, Worldwide Industry Lead for Security and Compliance at Jamf. Today, I'm going to share some extracts from our conversation. What we discussed: Integrating Tines’ orchestration and automation platform with Jamf’s comprehensive device management ensures proactive security and compliance, optimizing endpoint protection and operational efficiency across the organization.