Enterprise Security Tech

When dozens of alumni and students at the University of Pennsylvania (Penn) opened their inboxes on Friday, they encountered more than a phishing lure—what appeared was a full-on reputation-assault, wrapped in the university’s own branding. What began as a shocking email blast is now being treated by Penn’s leadership as a serious cybersecurity incident. According to Reuters, the university has engaged the Federal Bureau of Investigation (FBI) and third-party cyber forensics,

Qilin’s Explosive Reign and What It Means for Critical Infrastructure Ten months into 2025, the ransomware group Qilin  has hit a grim milestone: its 700th claimed victim . That makes it the most prolific ransomware outfit of the year—eclipsing last year’s leader, RansomHub, which logged 547 total victims in 2024. Once a fringe player in the cybercrime underground, Qilin now dominates the ransomware-as-a-service (RaaS) market, turning data extortion into an industrialized bus

Password reuse just became a lot more dangerous. In what may be one of the largest credential-harvesting operations ever documented, threat actors have compiled 3.5 terabytes of stolen login data—now labeled the “Synthient Stealer Log Threat Data”—and it’s been added to Have I Been Pwned  (HIBP). The dataset includes 183 million unique email addresses, each paired with the passwords and websites where they were stolen. For the average person juggling dozens of logins across a

When high-profile campaigns by groups like LAPSUS$ and Scattered Spider make headlines, they often leave the strong impression of technical wizardry: zero-days, clever malware, intricate breaches. But according to research from Flashpoint , that narrative misses the more profound evolution underway. Gone are the days when data extortion simply meant bulk-stealing databases: the playbook has matured to target the single most vulnerable link in modern enterprise security— human

In what many in the cybersecurity world feared might happen, the global ransomware threat has begun to rev back into gear. According to research from NCC Group , after a sustained slide in attack volume, September saw a 28 % month-on-month increase in ransomware incidents—421 attacks globally, up sharply from lower levels in the preceding months. The Anatomy of the Surge While 421 attacks is still below half a thousand, the increase is significant primarily for what it signal

In a twist that might surprise even seasoned CISOs, the fourth annual Global Ransomware Survey from OpenText reveals a paradox: businesses are increasingly confident in their ability to bounce back from ransomware — yet at the same time, they’re quietly admitting that the real threats are multiplying and shifting in ways they’re only beginning to grasp. Confidence vs. Reality According to the survey of roughly 1,800 security practitioners and business leaders, 95 %  of respo