AI is transforming both cyber offense and defense, but the attackers hold distinct advantages.  AI tools can be used for attacks and defense but the attackers are less concerned with quality or problems.  They can use risky or unvetted technology wit

China has implemented a 1-hour reporting requirement for severe cybersecurity incidents! First, this is in stark contrast to the disorganized and lengthy US reporting requirements, but more importantly it provides insights to one of the most aggressi

UK shows leadership in a proposal to ban ransomware payments for public entities like healthcare, education, government services and other national critical infrastructure! This is a great step forward to undermine all ransomware attacks.

Such a strat

Russia is one of the most aggressive nations when it comes to state coordinated cyberattacks — and Ukraine has been at the center of their crosshairs for 3 years. This report, provided the State Service of Special Communications and Information Prote

As cryptocurrency becomes more popular and the adoption rises, we see a related increase in the number of cybercrimes, fraud, and malware schemes. Criminals like to hunt and plunder where there is money! If you hold cryptocurrency or are using Web3 p

Compromising the hardware layer, especially the CPU, is the Holy Grail of cyberattacks. Recent work by Christiaan Beek, a leading cybersecurity researcher at Rapid7, into developing a ransomware proof-of-concept that infects at the hardware layer, in

Nations are investing heavily in offensive cyber capabilities. The proposed 2026 US defense budget earmarks an additional $1 billion in funding for offensive cyber operations, specifically to the US Indo-Pacific Command (USINDOPACOM). In 2025, the De

The Cybersecurity Vault — episode 44, with guest Rinki Sethi.

2025 will be an interesting year for the cybersecurity industry! Cybersecurity Insights interviews experts for their take on the most relevant changes. Rinki Sethi discusses how attackers a

The Cybersecurity Vault - episode 39, with guest Ian Thornton-Trump. 

China is one of the most aggressive nation states when it comes to cybersecurity.  They possess a renown global proficiency in attacking digital networks, harvesting sensitive data,

Microsoft will release a new Teams feature that allows users to clone their voice so the system can translate their conversation into different languages in real time. However, this amazing technology has a dark side as malicious attackers may misuse

This is an interesting tactic by cyber attackers — using virtual machine hard drive files to bypass email malware filters!

Never underestimate the creativity and resourcefulness of intelligent adversaries in finding ways to leverage technology for the

There are big predators in our digital world. In recent keynotes I have been talking about the big 4 aggressive nation states and how they are heavily investing in offensive cyber capabilities that trickles down to everyday cybercriminals.  

Cybersec

The decentralized finance (DeFi) and cryptocurrency industries are being targeted by North Korean social engineering schemes in highly personalized and convincing ways.

Here is an example that the FBI is showcasing:

1. A person from your dream company,

This is the replay of the live LinkedIn interview with Matthew Rosenquist (CISO at Mercury Risk. - Formerly Intel Corp, Cybersecurity Strategist, Board Advisor, Keynote Speaker) to discuss the Rise of Aggressive Nation State Capabilities. Hosted by A

Google wants to up-sell enterprise Gmail users for AI security enhancements, when in reality the feature is mitigating the advances that attackers are making through their own innovative use of AI, making their Social Engineering attacks more effecti

The Cybersecurity Vault - episode 35, with guest Mikko Hypponen. 

Some of the most aggressive cyber attacks originate out of Russia.  The 2022 invasion of Ukraine was a pivotal moment for nation state attacks.  Mikko is close to the front lines and on

Attention IT departments, the FBI is warning US companies to be wary of inadvertently hiring North Koreans to remotely work in their IT departments, amid fears of data theft and hacking.

We are seeing organized activities designed to mask the origins

The Cybersecurity Vault — episode 32, with guest Ian Thornton Trump.

In this episode, we discuss one of the most divisive and contentious topics in cybersecurity — should victims of ransomware be allowed to pay the cybercriminals?

With the continuing r