Posts

Showing posts from July, 2025

IT Threat Evolution in Q1 2025: A Deep Dive for Business and Cybersecurity Leaders

🚨 Q1 2025 Was a Wake-Up Call

The first quarter of 2025 saw cybercriminals ramp up their tactics across the board — from ransomware and cryptominers to macOS malware and IoT device exploits. Drawing on detailed telemetry from Kaspersky, we break down the most urgent threats and what they mean for business leaders, IT teams, and cybersecurity professionals.

📊 Global Threat Landscape: Q1 in Numbers

- 629+ million attacks blocked by Kaspersky products
- 88 million malicious URLs detected
- 21.5 million+ harmful files intercepted
- 11,733 new ransomware variants emerged
- 85,000+ users hit by ransomware
- 315,000+ users faced miner-related threats

🔐 Ransomware: Evolving Faster Than Defenses

Three ransomware gangs dominated in Q1:

- RansomHub – 11.03% of public victim disclosures
- Akira – 10.89%
- Clop – 10.69%

📌 Notable Law Enforcement Wins

- 8Base/Phobos takedown – Arrest of four members across Thailand, linked to 1,000+ attacks and $16M in extortion ...

📌 The AI Boom Is Here — But Is Your Business Using It Securely?

AI isn’t coming — it’s already here. From writing emails to forecasting trends, tools like ChatGPT, Microsoft Copilot, and Google Gemini are now part of daily business operations. What started as experimentation has quickly become embedded in workflows — from marketing and customer service to product development and HR. But while AI promises speed and scale, it also brings one massive wildcard: 👉 Security risk.

🔐 Why It Matters: AI Is a Double-Edged Sword

AI tools are incredible productivity enhancers — but most weren’t designed with your business’s compliance or data security in mind. This creates real risk:

⚠️ Sensitive data leaks via prompts
⚠️ Employees using unapproved tools (“Shadow AI”)
⚠️ Compliance gaps (GDPR, ISO, local privacy laws)
⚠️ Lack of internal AI usage policies
⚠️ Exposure of client data or IP to third-party platforms

Most SMEs and business leaders don’t even reali...

Qantas Breach: 6 Million Customers at Risk in Major Cyber Attack

Date: July 2nd 2025
By: TheCyberGuyAU

Qantas has confirmed a cyber attack has exposed the personal data of millions of its customers — a stark reminder that no brand, no matter how trusted, is immune.

What happened?

On Monday, Qantas detected unusual activity on a third-party system used by its call centre. That system, now confirmed as compromised, held records for 6 million customers. The initial investigation suggests that a “significant proportion” of the data has been stolen.

- Names
- Email addresses
- Phone numbers
- Dates of birth
- Frequent flyer numbers

The good news? Qantas says no credit card data, passport numbers, or login credentials were involved.

“Our customers trust us with their personal information and we take that responsibility seriously.” — Qantas CEO Vanessa Hudson

Who’s behind it?

While Qantas has not officially confirmed the group responsible, cybersecurity analysts at CyberCX say the attack has the hallmarks of Scatt...

Restless Guests: The Hidden Entra Risk That Could Compromise Your Cloud

It starts with something most organisations see as low-risk: a guest account invited into your Microsoft Entra environment. But that invitation could open the door to a hidden, high-risk attack path you didn’t even know existed.

🧠 The Unexpected Attack Surface

Researchers have discovered a little-known flaw in how Microsoft Entra handles subscriptions and billing roles. It allows a guest user to create and transfer subscriptions into your tenant while retaining full ownership of them.

Here’s how it works:

1. Guest is invited into your Entra ID tenant
2. They use their own billing role from their home tenant to create a subscription
3. They transfer that subscription into your tenant
4. Now they’re the owner inside your environment

And most Azure admins have no visibility of this via standard Entra permission reviews.

🔓 What Can a Guest Do with Subscription Access?

Once inside, a “restless guest” can:

- Access and expose high-privilege account info
- Mod...