trends

Violent Cybercrime Surges in Europe Amid Big Payouts

Cybercriminals in Europe are increasingly engaging in violent tactics, with 18 reported incidents in 2025, predominantly in France. This surge, termed “violence as a service,” includes high-profile cases like the kidnapping of Ledger co-founders. The UK remains the most targeted country for cybercrime, with over 2,100 attacks recorded since 2024, primarily from ransomware and data theft groups. The rise in violence is linked to organized networks that facilitate traditional cybercrime and physical theft, especially concerning cryptocurrency.

https://www.theregister.com/2025/11/04/cybercriminals_increasingly_rely_on_violence/

Ransomware Hackers Look for New Tactics Amid Falling Profits

Ransomware profits are down, forcing cybercriminals to adopt new tactics to demand payment, including bribing insiders and using social engineering techniques such as callback phishing. Fewer organizations are paying ransoms, and the average payment has dropped significantly. This has fragmented the ransomware ecosystem, with smaller groups targeting industries and regions that weren’t previously affected. Attackers now focus on recruiting insiders, directly contacting executives with ransom demands, and exploiting supply chains. Enterprises should become more vigilant against internal threats as hackers adapt their techniques to make up for lost earnings.

https://www.databreachtoday.com/ransomware-hackers-look-for-new-tactics-amid-falling-profits-a-29867

Ransomware Profits Drop as Victims Stop Paying Hackers

Ransomware payments have dropped to 23% among breached companies, marking a continuous decline. Enhanced security and pressure from authorities are cited as reasons for this trend. As ransomware groups shift focus from encryption to data theft, newer attacks show only a 19% payment rate when data is stolen without encryption. Average ransom payments decreased to $377,000. Targeting mid-sized firms increases as larger companies fortify defenses. Cyber attackers may pivot to social engineering to gain access as profits dwindle.

https://www.bleepingcomputer.com/news/security/ransomware-profits-drop-as-victims-stop-paying-hackers/

Extortion and Ransomware Drive Over Half of Cyberattacks

Over half of cyberattacks are driven by financial motives, mainly extortion and ransomware, according to Microsoft's latest Digital Defense Report. Most incidents targeted data theft rather than espionage. Cybercriminals, empowered by AI and automation, continue to target critical services like healthcare and local governments, often hindering emergency response. Nation-state actors also pose a threat, expanding their operations for espionage and financial gain. Microsoft emphasizes the importance of strong cybersecurity measures, including phishing-resistant multifactor authentication, and calls for collaboration between organizations and governments to combat increasingly sophisticated cyber threats.

https://blogs.microsoft.com/on-the-issues/2025/10/16/mddr-2025/

New Cybersecurity Survey 2025: AI, Scam Fears and Fraud Risks

Mastercard is a global payments technology company offering various credit, debit, and prepaid cards with security and payment solutions. A recent survey reveals many consumers feel more insecure about online safety than home security, with significant anxiety about cyber threats and AI-generated scams. Younger generations are more susceptible to online fraud but express confidence in their threat detection abilities. Trust and security are critical for digital economies, and collaboration between human intuition and AI is essential for effective cybersecurity.

https://www.mastercard.com/global/en/news-and-trends/stories/2025/consumer-cybersecurity-survey.html

Phishing and Scams: How Fraudsters Are Deceiving Users in 2025

The threat landscape is evolving, exploiting AI to enhance phishing tactics via personalized emails, deepfakes, and messaging app scams, particularly on platforms like Telegram. Users are advised to scrutinize unexpected communications, verify requests for sensitive information, and move cautiously on social media to mitigate risks.

https://securelist.com/new-phishing-and-scam-trends-in-2025/117217/

Hello 0-Days, My Old Friend: a 2024 Zero-Day Exploitation Analysis

Google's Threat Intelligence Group reported 75 zero-day vulnerabilities exploited in 2024, down from 98 in 2023 but up from 63 in 2022. This year's exploitation continued a trend towards targeting enterprise technologies over end-user products. Key findings included:

  1. Trends in Exploitation: 44% of vulnerabilities targeted enterprise software, up from 37% in 2023. Vendors are improving security, reducing exploits on popular targets like browsers.
  2. Notable Targets: Security and networking products saw increased exploitation, with a significant focus on Ivanti and Palo Alto. Attackers' focus is shifting from end-user devices to critical enterprise infrastructures.
  3. Actor Analysis: State-sponsored espionage actors, particularly from China and North Korea, accounted for the majority of attributable exploitation, often blending espionage with financial motives.
  4. Exploited Vulnerability Types: The most common were remote code execution and privilege escalation vulnerabilities, often resulting from software coding errors.

Overall, while detection and vendor defenses improve, zero-day vulnerabilities remain appealing to threat actors, necessitating stronger vendor security practices.

https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends/

RSAC 2025: What We Expect at the Largest Cybersecurity Conference of the Year

RSAC 2025, the largest cybersecurity conference, will address critical topics like AI management, non-human identities, and online safety for seniors. Attendees will learn from experts including Bruce Schneier on AI trustworthiness, and explore scam prevention strategies led by Ayelet Biger-Levin. Key initiatives include evolving the web for privacy with Sir Tim Berners-Lee's Solid project and a special DARPA AI challenge showcase. PCMag will cover highlights from the event starting April 28.

https://uk.pcmag.com/security/157731/rsac-2025-what-we-expect-at-the-largest-cybersecurity-conference-of-the-year

The Digital Illusion: Millennials and Online Safety Risks

TLDR: 70% of millennials rarely verify online identities, risking exposure to identity fraud and misinformation. Despite digital savviness, many still trust misleading online interactions, highlighting a gap in cybersecurity awareness. Oversharing personal information increases vulnerability to attacks. Millennials need to adopt critical thinking and verify sources to strengthen their online safety.

https://www.kaspersky.com/blog/the-digital-illusion/53137/

Gen Z Facing Increased Cybersecurity Threats

Gen Z, digital natives, face significant cybersecurity risks despite tech familiarity. Studies reveal overconfidence in recognizing threats, with 52% using vulnerable passwords. The rise of AI complicates matters, as 46% share sensitive data with AI tools unchecked. Training gaps persist, with many lacking access to education, and those offered abandon important security tools. Psychological stress about job security due to breaches is notable. However, growing awareness among Gen Z could foster stronger cybersecurity defenses in the future.

https://www.pandasecurity.com/en/mediacenter/gen-z-facing-increased-cybersecurity-threats/

LatAm Orgs Face 40% More Attacks Than Global Average

Due to weaker security, political instability, and rapid tech adoption, Latin American organizations experience 40% more cyberattacks than the global average. Check Point found that Latin America faces 2,569 attacks weekly, impacting critical industries and vulnerable citizens, particularly in countries like Brazil, Mexico, and Colombia. Cybercriminals exploit these conditions, often collaborating with local cartels, while law enforcement struggles to control the surge in cybercrime.

https://www.darkreading.com/cybersecurity-analytics/latin-american-orgs-more-cyberattacks-global-average

Scroll to Top