levelblue

LevelBlue SpiderLabs: Ransomware Attacks Up 17% in 2025

Dec 30, 2025 By LevelBlue In LevelBlue
Ransomware attacks increased by 17.2% percent year-over-year in 2025, with the group Qlin dominating the threat landscape, according to data generated by the LevelBlue SpiderLabs team. These attacks focused primarily on the manufacturing and technology sectors, with the US by far being the most targeted nation. 2025 continued the trend of yearly increases; however, over the last few years, the rate of attacks has somewhat slowed.
Read Post

The CISO's Take: Navigating Cyber Risk in Financial Services

Dec 30, 2025 By SecurityScorecard In SecurityScorecard
“If you are solving problems at human speed, you are at a huge disadvantage, because your attackers are operating at machine speed.” As cyber risk – in both the financial services sector and more broadly – accelerates at the pace of automation and AI, securing our future requires practitioners to be more strategic than the threat actors after our assets.
View Video

SecurityScorecard CISO Steve Cobb as Cyber Santa | Cyber Santa's 2026 Predictions

Dec 30, 2025 By SecurityScorecard In SecurityScorecard
The New Year is upon us and with a new year comes new changes. Cyber Santa is back with his predictions for the coming year and how cyber will evolve in the next 365 days. SecurityScorecard CISO Steve Cobb returns in his jolly red hat and white beard to shake his snow globe and see what's ahead for the cybersecurity industry in 2026 and what you need to know going into the new year. CISO responsibility, data sprawl, and AI governance are the top 3 on the list of emerging priorities.
View Video
Why Physical Brand Assets Still Matter in a Zero-Trust Digital Workplace

Why Physical Brand Assets Still Matter in a Zero-Trust Digital Workplace

Dec 30, 2025 By SecuritySenses In SecuritySenses
In today's digital-first work environment, organizations are embracing zero-trust security models to protect sensitive data, manage access, and prevent cyber threats. The focus is heavily on technology-firewalls, authentication protocols, endpoint monitoring-but in the rush to secure the digital realm, one crucial element is often overlooked: physical brand assets. From branded merchandise to office signage, these tangible items continue to play an essential role in reinforcing company identity, culture, and security awareness.
Read Post
What to Do If a Slip and Fall Happens in a Building With No Cameras

What to Do If a Slip and Fall Happens in a Building With No Cameras

Dec 30, 2025 By SecuritySenses In SecuritySenses
Slip and fall accidents inside buildings that don't have surveillance cameras can make things trickier when you're trying to prove what actually happened. The best way to build a solid case without video evidence? Get obsessive about documenting the scene and your injuries, right from the start. Snap a bunch of photos, hang onto any clothing that got wet or torn, and get checked out by a doctor as soon as you can. All of this stuff lays the groundwork for your claim.
Read Post
Arctic Wolf

CVE-2025-14847: MongoBleed Information Disclosure Vulnerability Exploited in the Wild

Dec 29, 2025 By Julian Tuin In Arctic Wolf
On December 19, 2025, MongoDB issued an advisory for CVE-2025-14847, known as “MongoBleed,” a high-severity vulnerability in the server’s zlib-based network compression functionality. This vulnerability affects how the database handles compressed network communications and can cause it to accidentally leak sensitive information from its memory when abused by unauthenticated threat actors. The problem occurs when MongoDB receives a specially crafted message.
Read Post

From Blame Culture to Reasonable Challenge in 2025

Dec 29, 2025 By Razorthorn Security In Razorthorn
The 2025 review highlights how blame culture still drives incident hiding in cybersecurity, even as risk grows. A simple “reasonable challenge” guide, with set phrases for raising and receiving concerns, offers a practical way in 2025 to support psychological safety, early reporting and better security governance.
View Video
appknox

Why High-Performing Security Teams Monitor App Stores as Closely as CI/CD

Dec 29, 2025 By Rucha Wele In Appknox
The most persistent risks in mobile security don’t originate in code. They appear later, inside app stores, third-party marketplaces, alternate distribution channels, and unlabeled download mirrors. A spotless SDLC doesn’t protect teams from cloned listings, fraudulent builds, outdated versions circulating in unauthorized markets, or malicious uploads positioned under a company’s name. Traditional AppSec tools aren’t built for any of this.
Read Post
appknox

The Clone Problem: Why Fake Apps Multiply Faster Than Teams Can Respond

Dec 29, 2025 By Rucha Wele In Appknox
When fraudulent apps pretend to be you, the damage rarely starts in your codebase. It starts in places most security programs don’t watch closely enough: app stores, third-party marketplaces, and alternate distribution channels. Every well-known app eventually gets cloned. Sometimes it looks harmless. Most times, it isn’t. A publisher in a regional marketplace copies your icon and description. A third-party store mirrors your listing but swaps the developer name.
Read Post
device authority

Trust Is the New Critical Infrastructure

Dec 29, 2025 By Claire Tennant In Device Authority
For more than three decades, cybersecurity innovation and investment have followed a familiar rhythm. Each major wave—network security, endpoint security, identity, cloud, and data—spawned new platform winners and reshaped the M&A landscape. Today, we stand at the threshold of the next foundational shift. The digital and physical worlds have converged to such an extent that machines—not humans—are the primary operators of enterprise networks.
Read Post
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.