Vast numbers of misconfigured Access Management Systems (AMS) across the globe are exposed to the public Internet, researchers from Internet Index Search Solution provider Modat have revealed. The vulnerabilities, which span a wide range of industries—including critical sectors like construction, healthcare, oil, and government—have exposed hundreds of thousands of sensitive employee records, including personal identification details, biometric data, and even work schedules. Routine Assessment Reveals Global Security Crisis In early 2025, the Modat research team embarked on what they thought would be a routine investigation. Using the Modat Magnify tool, they scanned the global security landscape and unearthed something disconcerting:…
Josh Breaker Rolfe
Cyberattacks in the automotive industry are on the rise. They’re also becoming more impactful. And the gap between the risk landscape and organizational resilience is growing. Automotive cybersecurity is at a critical moment, and the choice is clear: close the cybersecurity gap or suffer the consequences. Upstream’s 2025 Automotive and Smart Mobility Cybersecurity Report is a critical insight into the state of cybersecurity in the automotive and smart mobility industry. It reveals that the digital revolution supercharging the automotive sector is also making it vulnerable to attack. “Addressing these challenges requires collective action. OEMs, Tier-1, Tier-2 suppliers, and smart mobility providers…
The Inside Man is security training like no other. Now in its sixth season, KnowBe4’s Netflix-style security awareness video series boasts a compelling storyline, memorable characters, and, most noticeably, a budget other training providers could only dream of. But does it actually improve customer security postures? KnowBe4 seems to think so. So, What’s it All About? The series follows Mark Shepherd, a cybercriminal gone legit, and his friends, colleagues, and love interests as they embark on various cybersecurity-related adventures. Previous seasons have seen the ‘Good Shepherd Cybersecurity’ team take on a penetration testing job for an international bank, combat a…
Ransomware payments decreased by 35.82% year-over-year (YoY) in 2024, research from Chainalysis has revealed. The blockchain analytics company attributes much of this decrease to increased law enforcement actions, improved international collaboration, and a growing refusal of victims to pay. While, throughout 2024, less than half of recorded incidents resulted in victims paying ransoms, and several major ransomware groups experienced disruption, Chainalysis is quick to mention that attackers are adapting to their new reality, rebranding and deploying new ransomware strains. Changing Victim Behaviors Changing victim behaviors are largely responsible for the fall in ransomware payments, with victims choosing backup recovery and…
Smiths Group, a multinational engineering business, has disclosed a data breach. The company, which is based in London but employs more than 15,000 people in over 50 countries, published a filing to the London Stock Exchange (LSE) on Tuesday saying that it is “currently managing a cyber security incident” involving “unauthorized access to the Company’s systems.” While details of the breach are scant, Javvad Malik, Lead Security Awareness Advocate at KnowBe4, says that it is “a reminder that all organizations, regardless of industry or size, are potential targets of cybercriminals.” Smiths Group Responds Quickly Although the extent of the incident is…
The average time it takes for an attacker to move laterally after gaining initial access – known as breakout time – has plummeted to just 48 minutes, new research from ReliaQuest has revealed. These results represent a 2% increase in speed from the previous year, with some of the fastest recorded attacks taking as little as 27 minutes. According to ReliaQuest, “this quicker infiltration leaves organizations with even less time to respond, making automated defenses crucial in matching – and surpassing – the speed of adversaries.” Cybercriminals Pick Up the Pace The ReliaQuest report, titled Racing the Clock: Outpacing Accelerating…
In the cybersecurity industry, we tend to look forward. And for good reason: cybersecurity is one of the fastest-moving, most dynamic fields out there. Staying in the fight against cybercriminals relies utterly on not just keeping up with the latest trends, but also anticipating them. However, sometimes, predicting the future relies on looking to the past. As the adage goes, to know your future, you must know your past. With this in mind, VIPRE Security Group recently released their latest annual email threat landscape report, titled “Email Security in 2025: What to Expect from the Evolving Threat Landscape.” Drawing insights…
Age verification laws for adult websites have led to a dramatic surge in VPN usage across the United States, research from vpnMentor’s Cybersecurity and Research Lab has revealed. The research brings into question the efficacy of these laws as users find ways to circumvent age verification mechanisms and blocked IP addresses. Users Circumvent Age Verification In early 2024, 19 US states enacted age verification laws. However, Pornhub, one of the world’s largest pornography websites, only enforced age verification in Louisiana. For the other states, the site merely implemented IP-blocking, meaning that, in effect, the site is inaccessible for users in…
Critical infrastructure organization enrollment in CISA’s Cyber Hygiene (CyHy) service surged 201% between 1 August 2022 and 31 August 2024, a new report released by the US cybersecurity agency has revealed. The CISA CyHy service is a suite of free tools and services designed to help critical infrastructure organizations improve their security posture. Key features include vulnerability scanning, threat intelligence, and guidance and best practices. According to Emily Phelps, Director at Cyware, the service’s growth “reflects the critical sectors’ increasing focus on cybersecurity.” Critical Infrastructure Enrollment by Sector According to CISA’s Cybersecurity Performance Goals (CPG) Adoption Report, the following industries…
Research from the Halcyon RISE Team has revealed that a ransomware actor dubbed “Codefinger” has launched a new campaign on Amazon S3 buckets, leveraging AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) to encrypt data and render victims powerless to recover data without paying the ransom. New Technique a Systemic Threat Halcyon says this tactic “represents a significant evolution in ransomware capabilities” and that its widespread use could “pose a systemic threat to organizations using Amazon S3 for critical data storage.” Unlike traditional ransomware that encrypts files locally or in transit, this attack integrates directly with AWS’s secure encryption infrastructure,…