Cyber security trends for 2025

Here is a collection of cyber security trends and predictions for 2025 from various sources:

Dark web discussions reveal: This is what is in store for 2025
The discussions reveal next year's threat landscape.
https://www.is.fi/digitoday/tietoturva/art-2000010908617.html

VPN provider NordVPN has partnered with researchers at NordStellar to predict the cyber threats of 2025. The companies analyzed the largest dark web forums to identify the most talked about and trending topics. These include:
Advanced disinformation services
Stolen digital identities
AI-based social engineering
Smart home vulnerabilities
The state of connected homes is already fragile, NordVPN warns.

The most important cybersecurity and AI trends for 2025
https://www.uusiteknologia.fi/2024/11/20/kyberturvallisuuden-ja-tekoalyn-tarkeimmat-trendit-2025/

Security firm Palo Alto Networks has released a comprehensive list of emerging threats and of the impact of advances in artificial intelligence (AI) for the coming year. While these advances bring their own risks, they also help malicious actors exploit the new capabilities of AI.

Cyber infrastructure is consolidating onto one unified security platform
Large amounts of data give incumbents an advantage over new entrants
Businesses are increasingly adopting secure enterprise browsers
In 2025, more attention will be paid to the energy impacts of artificial intelligence
The realities of quantum technology will become clearer in 2025
Security and marketing directors will work more closely together

Cyberattacks are broader, bolder and more damaging than ever.
https://www.verkkouutiset.fi/?p=694453#9c1dc2d3

Cybersecurity company Fortinet has published a cyber threat forecast for 2025. According to it, threat actors will continue to rely on many traditional tactics that have been used for decades.
According to the report, the following cyber threats will be increasingly seen around the world starting next year.

Cybercriminals specialize in certain stages of the attack chain
Attacks on cloud environments are becoming more common
Automated hacking tools on dark web sales platforms
Real-life threats become part of attackers’ tactics
Anti-attack groups expand cooperation

A grim forecast for 2025
Security company warns of new-age cyberattacks.
https://www.iltalehti.fi/digiuutiset/a/3ba5142e-f0ee-43fe-8bd2-4468a9d2d5bd

According to security company Fortinet, many cybercriminals are launching more effective attacks than before, which is not good news at all. In addition, old protection methods may no longer be enough as criminals find new ways to attack.
The company’s Fortiguard Labs team has compiled an updated threat forecast report for 2025, which underlines that cyberattacks are becoming more targeted and harmful, for example, as turnkey cyberattack services become more common.

1. Specialization
2. Cloud and artificial intelligence as themes
3. Real-life threats are part of the tactic

Fortinet reminds us that the responsibility for ensuring information security lies with everyone, not just corporate security and IT teams.
"No single organization or security team can prevent cybercrime on its own," the company underlines.

Guidance to survive 2025:

Product Security Bad Practices
https://www.cisa.gov/resources-tools/resources/product-security-bad-practices

MITRE shares 2024's top 25 most dangerous software weaknesses
https://www.bleepingcomputer.com/news/security/mitre-shares-2024s-top-25-most-dangerous-software-weaknesses/

Six password takeaways from the updated NIST cybersecurity framework
https://www.bleepingcomputer.com/news/security/six-password-takeaways-from-the-updated-nist-cybersecurity-framework/

37 Comments

  1. Tomi Engdahl says:

    Can you perform this important trick on your old smart device? Many cannot
    28.12.2024 19:02
    The UK Information Commissioner's Office warns that many adults do not know how to wipe old smart devices they no longer use. A worrying number of young people, in turn, do not care about wiping their devices.
    https://www.mikrobitti.fi/uutiset/osaatko-sina-tehda-taman-tarkean-tempun-vanhalle-alylaitteellesi-moni-ei-osaa/ef1ec5a7-3253-43f8-a6ab-0e5775d1867b

    Reply
  2. Tomi Engdahl says:

    Do you see something odd in this picture? A barely noticeable sign tells you that your phone may be being spied on
    A green indicator shows that an Android phone's microphone and/or camera is in use, and it can hint at serious danger.
    I read the following article and thought it might interest you:
    https://www.is.fi/digitoday/art-2000010069346.html

    Reply
  3. Tomi Engdahl says:

    Endpoint Security
    Tenable Disables Nessus Agents Over Faulty Updates

    Tenable has disabled two Nessus scanner agent versions after a differential plugin update caused the agents to go offline.

    https://www.securityweek.com/tenable-disables-nessus-agents-over-faulty-updates/

    Reply
  4. Tomi Engdahl says:

    Windows 10 support is ending – here is what to do
    Windows 11, released in 2021, has still not managed to grow its market share significantly. The strict hardware requirements set by Microsoft are considered the primary reason for Windows 11's low popularity.
    https://www.iltalehti.fi/digiuutiset/a/91c71ac5-73c1-45d9-8b95-961e06f95d86

    Despite Microsoft's persistent efforts, Windows 11 is currently in use on less than 30 percent of all Windows machines, even though support for its predecessor, Windows 10, ends as soon as October of this year. This puts many Windows 10 users in a difficult position, because after support ends Microsoft will start charging for official updates to the operating system. On the other hand, many users cannot even upgrade to Windows 11 because of the strict hardware restrictions Microsoft has set.

    According to ESET security specialist Thorsten Urbanski, quoted by Techspot, which reported the matter, the end of Windows 10 support could put most Windows devices at risk, since without official security updates millions of computers could be highly vulnerable to cyberattacks and other security threats.
    Windows 11's market share is stagnating

    Windows 10 was released in summer 2015 and is still the most widely used Windows version. In Germany, for example, the operating system's share of all Windows machines is still 65 percent, which means around 32 million devices.

    Figures from Statcounter, which tracks operating system market shares worldwide, give similar readings: Windows 10's share of all Windows machines was around 62 percent in December. According to Statcounter, Windows 11, released in 2021, had reached only a 34 percent market share by December.

    End of Windows 10 support this year threatens over 60% of active Windows PCs
    More than 3 years after launch, Windows 11 remains a minority
    https://www.techspot.com/news/106223-end-windows-10-support-year-threatens-over-60.html

    Bottom line: Security experts are continuing to raise alarms regarding Windows 10's impending end-of-life status this October. Despite Microsoft's best efforts, only about 30% of its users have upgraded to Windows 11 since its launch in 2021. The remaining majority face difficult choices, as continuing to receive official security updates will come at a cost, and many Windows 10 devices don't meet Windows 11's stringent hardware requirements.

    Thorsten Urbanski, a security expert at ESET, warns that the end of support for Windows 10 could put most Windows devices at risk. Without free official security updates, millions of business and personal systems could become highly vulnerable to cyberattacks and other security threats.

    As Windows 10 approaches its 10th anniversary, it remains the most widely used Windows operating system by far. ESET estimates that approximately 65% of devices in Germany – around 32 million – are still running Windows 10.

    Reply
  5. Tomi Engdahl says:

    “Common sense is a huge part of information security” – cybersecurity lecturer Pia Satopää knows where room for improvement lies
    AI-assisted information security attacks, deepfake scams, and the CrowdStrike case have made headlines in the field of cybersecurity. How do constantly changing and developing technologies affect cybersecurity, and where do we focus on information security? Pia Satopää, an experienced cybersecurity expert and lecturer, sheds light on the current situation in cybersecurity. 
    https://www.dna.fi/dnabusiness/blogi/-/blogs/common-sense-is-a-huge-part-of-information-security-cybersecurity-lecturer-pia-satopaa-knows-where-room-for-improvement-lies?utm_source=facebook&utm_medium=social&utm_content=LAA-artikkeli-common-sense-is-a-huge-part-of-information-security-cybersecurity-lecturer-pia-satopaa-knows-where-room-for-improvement-lies&utm_campaign=P_LAA_25-01-04_artikkelikampanja__&fbclid=IwY2xjawHrp6JleHRuA2FlbQEwAGFkaWQBqxa6bnJrPAEdEvh4e_DYDjt9JAuHwXx4LqELtBlV7sMOhO5VN4c8suvnb7nmzpJ3Ln_c_aem_hzawUG-d_CNtgdxodqGyDA

    Reply
  6. Tomi Engdahl says:

    Google searches on how to cancel and delete Facebook, Instagram, and Threads accounts have surged in the U.S. following Meta CEO Mark Zuckerberg’s announcement to end third-party fact-checking, loosen content moderation, and roll back limits on political content in user feeds.

    Interest in searches related to getting off Meta platforms soared this week, particularly in the last two days. Google searches for terms like “how to permanently delete facebook” hit a maximum score of 100 – the highest level of interest possible on Google Trends.

    Read more from Rebecca Bellan here: https://tcrn.ch/4gE9LPz

    #TechCrunch #technews #Meta #MarkZuckerberg #socialmedia

    Reply
  7. Tomi Engdahl says:

    From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025
    https://www.securityweek.com/from-silos-to-synergy-transforming-threat-intelligence-sharing-in-2025/

    In the face of ever-growing threats and adversaries, organizations must break down the silos between ALL teams involved in security.

    Reply
  8. Tomi Engdahl says:

    Artificial Intelligence
    Trolley Problem, Safety Versus Security of Generative AI

    The only way to advance AI safety is to increase human interactions, human values and societal governance to promote a reinforced human feedback loop, much like we do with traditional AI training methods.

    https://www.securityweek.com/trolley-problem-safety-versus-security-of-generative-ai/

    Reply
  9. Tomi Engdahl says:

    I read the following article and thought it might interest you:
    Mikko Hyppönen gives firm advice: "If your home burns down…"
    https://www.is.fi/digitoday/tietoturva/art-2000010949331.html

    Reply
  10. Tomi Engdahl says:

    Threat Intelligence
    From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025
    In the face of ever-growing threats and adversaries, organizations must break down the silos between ALL teams involved in security.
    https://www.securityweek.com/from-silos-to-synergy-transforming-threat-intelligence-sharing-in-2025/

    As we look ahead to the New Year and think about what we are going to prioritize from a security and threat intelligence perspective, it struck me that it is the same problem of old with which we are challenged: collaborating and communicating more effectively to share vital intelligence in the face of ever-growing threats and adversaries.

    Growing collaboration across government and industry partners

    On a macro level we are certainly seeing more collaboration efforts within the intelligence community. I recently saw an article about U.S. intelligence agencies working toward closer collaboration with government and industry partners. The Office of the Director of National Intelligence (ODNI) has established an Office of Partnership Engagement designed to foster closer industry collaboration and provide ODNI with access to commercial insights about AI, cybersecurity and space, among other areas.

    Additionally, other agencies like the National Security Agency (NSA) have established information exchange programs that help the government and industry get on the same page about cyber threats. NSA’s Cybersecurity Collaboration Center authorizes the government and the private sector to share information about cyber criminals and nation-state hackers.

    Reply
  11. Tomi Engdahl says:

    Application Security
    AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming

    Redmond’s AI Red Team says human involvement remains irreplaceable in addressing nuanced risks.

    https://www.securityweek.com/ai-wont-take-this-job-microsoft-says-human-ingenuity-crucial-to-red-teaming/

    Reply
  12. Tomi Engdahl says:

    Memory-Based Attacks: How Fileless Malware Operates Without Leaving A Trace
    https://cybersecuritynews.com/memory-based-attacks/

    Threat actors are always developing new and more effective approaches to system breaches in the perpetually shifting field of cybersecurity.

    From basic computer viruses to the sophisticated persistent dangers of today, malware has developed extremely dramatically.

    Reply
  13. Tomi Engdahl says:

    The Quantum Cybersecurity Revolution: Arguably The Biggest Startup Opportunity In 2025
    https://www.forbes.com/sites/abdoriani/2024/12/30/the-quantum-cybersecurity-revolution-arguably-the-biggest-startup-opportunity-in-2025/

    Quantum computing is rapidly transitioning from theoretical research to practical applications. Among the most affected fields is cybersecurity, because the threat of quantum decryption makes many of the current cybersecurity systems obsolete.

    Needless to say, this huge threat to the world’s digital information provides great opportunities for innovative companies to create effective data protection for a quantum computing world.

    This article examines how these technologies are evolving and their implications for tech startups in the upcoming year.

    Reply
  14. Tomi Engdahl says:

    Artificial Intelligence
    How to Eliminate “Shadow AI” in Software Development

    With a security-first culture fully in play, developers will view the protected deployment of AI as a marketable skill, and respond accordingly.

    https://www.securityweek.com/how-to-eliminate-shadow-ai-in-software-development/

    In a recent column, I wrote about the nearly ubiquitous state of artificial intelligence (AI) in software development, with a GitHub survey showing 92 percent of U.S.-based developers using AI coding tools both in and outside of work. Seeing a subsequent surge in their productivity, many are taking part in what’s called “shadow AI” by leveraging the technology without the knowledge or approval of their organization’s IT department and/or chief information security officer (CISO).

    This should come as no surprise, as motivated employees will inevitably seek out technologies that maximize their value potential while reducing repetitive tasks that get in the way of more challenging, creative pursuits. After all, this is what AI is doing for not only developers but professionals across the board. The unapproved usage of these tools isn’t exactly new either, as we’ve seen similar scenarios play out with shadow IT, and shadow software as a service (SaaS).

    Reply
  15. Tomi Engdahl says:

    Management & Strategy
    WEF Report Reveals Growing Cyber Resilience Divide Between Public and Private Sectors

    WEF’s Global Cybersecurity Outlook 2025 report highlights key challenges like the skills gap, third-party risks, and resilience disparities between businesses and private sectors.

    https://www.securityweek.com/wef-report-reveals-growing-cyber-resilience-divide-between-public-and-private-sectors/

    Reply
  16. Tomi Engdahl says:

    Chainsaw: Open-source tool for hunting through Windows forensic artefacts
    Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword searches through event logs and identifies threats using built-in Sigma detection and custom detection rules.
    https://www.helpnetsecurity.com/2025/01/13/chainsaw-open-source-tool-hunting-through-windows-forensic-artefacts/

    Reply
  17. Tomi Engdahl says:

    Cyber Insights 2025: Open Source and Software Supply Chain Security

    Open source software (OSS) is a prime target for supply chain cyberattacks and protecting it remains a major challenge.

    https://www.securityweek.com/cyber-insights-2025-open-source-and-the-software-supply-chain/

    Attacking the OSS supply chain is a no-brainer for malicious actors: protecting it is hard.
    The OSS threat vector

    Open source software (OSS) has become a major threat vector over the last decade. The reason is simple mathematics. “There are over 5 million OSS packages available,” explains Mehran Farimani, CEO at RapidFort.

    Chris Hughes, chief security advisor at Endor Labs, adds, “Adoption [of OSS] has grown exponentially in the last decade and shows no signs of slowing down. It is now found in nearly 90% of modern code bases and makes up 70-80% of those code bases.”

    Nick Mistry, CISO and SVP at Lineaje, says, “On average, most companies work with 11 third parties. Of those 11 third parties, 98% have experienced a breach. Research found that an average of 250 components with unknown origins lurk within every application, creating significant points of exposure for the software supply chain – sometimes even years later.”

    Raj Samani, SVP and chief scientist at Rapid7, continues, “With supply chain attacks increasing by 431% since 2021, it’s clear that in 2025, this will remain an area where organizations will be exposed through vulnerabilities in open-source software. Instead of being directly targeted, many organizations may find themselves compromised via their suppliers, partners, or third-party dependencies.”

    OSS offers a one-to-many opportunity – one compromised OSS package can result in multiple company breaches. Since cybercrime is a business, return on effort is important to the criminal: compromising one target to lead to multiple victims is a no-brainer. The mathematics of OSS shows the size of the opportunity, while the mathematics of supply chain breaches shows the criminal success rate in targeting OSS.

    Criminals will continue, increasingly, to target this vector in 2025. The only real question is whether the success rate will grow (through new opportunities), level off (through a form of equilibrium between attack and defense), or decrease through industry and regulatory efforts.
    OSS threats to the supply chain

    OSS developers are not required to produce SBOMs (see the SBOM section below). Federal agencies and some critical industries are required to demand them. Private industries are not required to demand them, although regulations (such as DORA) require open source testing (which would benefit from the provision of an open source SBOM).

    In short, OSS SBOMs are urged and helpful, but not guaranteed. This all contributes to a lack of governance and visibility into a massive source of code used in most applications produced and / or consumed by the majority of companies.

    “OSS projects vary in levels of maintenance and updates. Many OSS libraries are funded by free or personal time of the maintainer(s), which can be a risk to the project as updates and changes are likely to be made less frequently,” comments Anthony Tam, manager of security engineering at Tigera. “Open Source Software will continue to be a risk to software supply chain security because software vendors will always require OSS libraries to build their products.”

    It is, adds Jamie Scott, founding product manager at Endor Labs, “a nine-trillion-dollar public resource that has dramatically accelerated innovation. Making the choice to not use open source would be a choice to set yourself at a competitive disadvantage. [But] there is no shared responsibility model for open source. You use it, you own it.” Including the risks.

    The open nature of OSS allows easy auditing by both good guys and bad guys – but the bad guys seem to put in more effort. “Malicious actors know how widely OSS is adopted and how opaque and vulnerable its ecosystem is,” adds Hughes. “This is due to poor governance by organizations using open source, as well as a lack of transparency for consumers purchasing products and services with little to no insight into what open source is powering those products.”

    The very nature of the OSS ecosphere explains why it plays such a great part in supply chain attacks. The question here is whether this will continue through 2025, or whether we have already borne the brunt. The general feeling is that it will continue.

    “OSS will always be a threat to the software supply chain,” says Scott.

    “Attackers will continue to take advantage of this lack of governance and use a combination of social engineering such as in the case of XZ Utils and technical attacks to compromise widely used OSS components,” says Hughes.

    It will worsen because “Foreign entities are increasingly exploiting the OSS ecosystem to introduce malicious code,” says Farimani. Think of the Polyfill incident.

    “Major vulnerabilities like Log4j, Heartbleed, and Shellshock have always been unpredictable by nature. Another significant event is almost inevitable, though pinpointing a specific timeframe, such as 2025, is difficult,” says Michael Skelton, VP of operations and hacker success at Bugcrowd. “As long as we continue to rely heavily on OSS with deep-rooted dependencies, which seems impossible to avoid, similar large-scale vulnerabilities are likely to surface.”

    Samani finishes, “While we can hope to avoid another crisis like Log4j, we must recognize the significant resources and advanced techniques that threat groups are dedicating to exploiting weaknesses within the software supply chain. These groups are more sophisticated than ever, and their focus on supply chain vulnerabilities will only intensify in the coming year.”

    He suggests, “Organizations must prepare for a challenging threat landscape, as adversaries increasingly capitalize on vulnerabilities in widely used open-source software embedded within interconnected supply chains.”

    AI and open source

    The big disruptor to cybersecurity in 2025 will be artificial intelligence. Frankly we don’t know how things will pan out, but we can be certain that OSS security will be affected.

    “There are definitely aspects of AI threats to open source,” says Hughes. “Some examples include developers using co-pilots and gen-AI tools that may use insecure libraries and components when producing code and developers inherently trusting gen-AI developed code without proper code review.”

    AI plus OSS registries help bad actors create malicious but attractive OSS code; and company developers and inherent trust can create a supply chain threat. Scott expands on the process: “Gen-AI platforms, such as ChatGPT, are being used more than ever for code generation,” says Scott. “The latest attack vector exploiting this trend is called an AI Package Hallucination attack.”

    The attack starts with a malicious actor prompting an LLM to ‘hallucinate’ a non-existent but plausible package name, which is registered. The attacker then uses the LLM to generate code and suggest dependencies, but also adds malicious code. The result is a highly plausible but subtly malicious package which is included within an OSS registry like npm or PyPI.

    “Attackers can now publish malicious packages under these hallucinated names, leading unsuspecting company developers into using them, perhaps under recommendation from their own use of AI,” continues Scott. “Many gen-AI coding users execute gen-AI code to test it without verifying the legitimacy of the code created. ‘Trust but verify’ applies to software created by AI, and we need to train a new age of developers to verify the packages recommended to them by AI systems.”

    Skelton adds, “Gen-AI introduces new threats to OSS, including the possibility of AI-driven code synthesis inserting subtle vulnerabilities. Additionally, AI models can expedite vulnerability detection in OSS code bases, potentially identifying exploitable patterns more rapidly than traditional methods.”

    Attempts to defend the OSS vector

    Two areas worth monitoring for future success in defending OSS and the supply chain in 2025 are SBOMs, and the new tea protocol.
    SBOMs

    The federal government started pushing for the use of software bills of materials (SBOMs) as part of Biden’s Executive Order on Improving the Nation’s Cybersecurity (EO14028, May 2021).

    There is no direct mandate for OSS to include an SBOM; however, federal agencies are effectively required to demand one before using OSS. The EO states, “Developers often use available open source and third-party software components to create a product; an SBOM allows the builder to make sure those components are up to date and to respond quickly to new vulnerabilities.”

    OSS developers wanting their software libraries to be used by the federal government need to provide SBOMs to do so. But nearly four years after the EO was published, opinions on the current and future value of the SBOM for the security of OSS and its supply chain still vary.

    The tea protocol

    The tea protocol is an attempt to enhance the sustainability (and security) of the OSS ecosphere. It uses blockchain technology and TEA tokens (an ERC-20 token) to support developers and reward vulnerability reporting – simultaneously improving both OSS quality through sustainable funding and OSS security by promoting secure development practices.

    The tea website describes it as “a decentralized technology framework that aims to enhance the sustainability and integrity of the software supply chain. The tea mission is to enable open-source software contributors to capture the value that they create.”

    tea is new, probably beginning conceptualization in 2021 and emerging in early March 2024 – and driven by Max Howell who developed the Homebrew open source package manager – but only really seeing the light of day in early 2024.

    Its lineage is solid, but its progress is yet to be confirmed. Ax Sharma, security researcher at Sonatype, already has some concerns. "New protocols like the tea protocol, with its blockchain rewards for developers, are already driving some users to abuse open source registries to test self-reward mechanisms," he comments.

    OSS and the software supply chain in 2025

    Open source software is a known, major, and fluid threat. The content is continuously changing, and expanding, and the value to industry is enormous. As long ago as the early 2000s, the European Union began officially recommending its internal use,

    But as the use of OSS has grown, so too have the threats from it. Without any central authority, there is no way to impose any formal oversight or governance. That doesn't mean there have been no attempts, but their success is questionable. Efforts must continue to prevent OSS resulting in ever more frequent and ever more disruptive breaches in the future.

    Where authorities cannot define and specify what must be done, the traditional route is to enforce sanctions against failure to deliver what they cannot define. “This all points to more regulation and compliance around software supply chain security in 2025, including further developments of EO14028 when it comes to mandatory SBOM implementation,” says Mistry. “We’ve already seen sectors like the Army require SBOMs with more branches expected to do so as well. With the rapid adoption of AI, I also anticipate more guardrails on AI security when it comes to securing the AI supply chain.”

    Reply
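The "trust but verify" step for AI-recommended packages described in the comment above, as an added example that is not part of the article or of any vendor's tooling: a small dependency gate that normalizes each name in a requirements file (PEP 503) and checks it against a registry snapshot before anything is installed, flagging names that are unknown, registered only days ago, or barely adopted. The registry snapshot, the thresholds and the sample requirements file are constructed for illustration.

```python
"""Dependency-name verification gate for AI-suggested packages.

Added example, not code from the article or from any package registry.
It models the 'trust but verify' step for packages recommended by a code
assistant: every name in a requirements file is normalized (PEP 503) and
checked against a snapshot of registry metadata before it may be installed.
The registry snapshot below is CONSTRUCTED sample data, not live PyPI data.
"""
import re
from dataclasses import dataclass
from datetime import date

# Constructed snapshot: normalized name -> (first release date, monthly downloads).
# A hallucinated name that an attacker later registers shows up either as
# "unknown" (absent from the snapshot) or as very new with almost no adoption.
REGISTRY_SNAPSHOT = {
    "requests": (date(2011, 2, 14), 300_000_000),
    "cryptography": (date(2014, 1, 1), 150_000_000),
    "pyyaml": (date(2006, 5, 1), 100_000_000),
    "fastjson-utils": (date(2025, 1, 10), 12),  # constructed: brand new, tiny adoption
}
SNAPSHOT_DATE = date(2025, 1, 15)   # constructed date of the snapshot
MIN_AGE_DAYS = 90                   # policy thresholds, chosen for illustration
MIN_DOWNLOADS = 1_000


def normalize(name: str) -> str:
    """PEP 503 normalization: case-insensitive, runs of '-', '_' and '.' collapse to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


# name, optional [extras], optional version specifier; URL/@ forms are not handled
_REQ_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)(\[[^\]]*\])?\s*([<>=!~]=?.*)?$")


def parse_requirement(line: str):
    """Return the package name from a requirements.txt line, or None for
    comments, blank lines, options such as '-r other.txt', and unsupported forms."""
    line = line.split("#", 1)[0].strip()
    if not line or line.startswith("-"):
        return None
    m = _REQ_RE.match(line)
    return m.group(1) if m else None


@dataclass
class Verdict:
    name: str
    status: str   # "ok", "unknown", "too-new" or "low-adoption"
    detail: str


def check_package(name: str) -> Verdict:
    """Classify one package name against the snapshot and the policy thresholds."""
    key = normalize(name)
    entry = REGISTRY_SNAPSHOT.get(key)
    if entry is None:
        return Verdict(key, "unknown",
                       "not present in registry snapshot; possible hallucinated or typosquatted name")
    first_release, downloads = entry
    age = (SNAPSHOT_DATE - first_release).days
    if age < MIN_AGE_DAYS:
        return Verdict(key, "too-new", f"first released {age} days ago")
    if downloads < MIN_DOWNLOADS:
        return Verdict(key, "low-adoption", f"{downloads} downloads/month")
    return Verdict(key, "ok", f"{age} days old, {downloads} downloads/month")


def verify_requirements(text: str) -> list:
    """Run every requirement line through check_package; skips non-package lines."""
    verdicts = []
    for line in text.splitlines():
        name = parse_requirement(line)
        if name is not None:
            verdicts.append(check_package(name))
    return verdicts


def blocked(verdicts) -> list:
    """Names that a human must review before they are allowed into the build."""
    return [v.name for v in verdicts if v.status != "ok"]


# Constructed requirements file, as a code assistant might emit it.
SAMPLE_REQUIREMENTS = """\
Requests>=2.31        # case differs from the registry name; normalization handles it
cryptography==42.0.0
PyYAML[full]
fastjson-utils        # constructed: plausible name, registered days ago
fastjson-helpers      # constructed: plausible name, not registered at all
-r dev-requirements.txt
"""

if __name__ == "__main__":
    results = verify_requirements(SAMPLE_REQUIREMENTS)
    for v in results:
        print(f"{v.status:13} {v.name}: {v.detail}")
    print("needs review:", blocked(results))
```

In a real pipeline the snapshot would be refreshed from the registry's metadata API and the gate run before any install step, so that a package an assistant "invented" never reaches a developer machine or CI runner unreviewed.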
  18. Tomi Engdahl says:

    DORA’s Deadline Looms: Navigating the EU’s Mandate for Threat Led Penetration Testing

    With DORA’s January 2025 compliance deadline approaching, financial institutions must embrace rigorous testing, tailored threat profiles, and continuous vigilance to safeguard against cyber threats.

    https://www.securityweek.com/doras-deadline-looms-navigating-the-eus-mandate-for-threat-led-penetration-testing/

    Reply
  19. Tomi Engdahl says:

    Head of US Cybersecurity Agency Says She Hopes It Keeps up Election Work Under Trump

    Jen Easterly hopes CISA is allowed to continue its election-related work under new leadership despite “contentiousness” around that part of its mission.

    https://www.securityweek.com/head-of-us-cybersecurity-agency-says-she-hopes-it-keeps-up-election-work-under-trump/

    Reply
  20. Tomi Engdahl says:

    DORA is here – strict requirements for banks and financial institutions
    https://etn.fi/index.php/13-news/17049-dora-on-taeaellae-pankeille-ja-rahoituslaitoksille-tiukat-vaatimukset

    The EU's DORA regulation (Digital Operational Resilience Act) is a European Union regulatory framework intended to improve the digital operational resilience of the financial sector. Its transition period has now ended, so the legislation must now be applied.

    But what challenges does DORA pose for financial institutions? Dave Tham, solutions architect at security company Yubico, answered ETN's questions.

    What are the biggest challenges for financial institutions in implementing DORA's requirements, particularly ICT risk management and resilience testing?

    The biggest challenges relate to the scale and complexity that compliance with DORA's comprehensive regulatory framework demands. For large organizations with diverse operations and legacy systems, implementing ICT risk management strategies in line with DORA's requirements can be especially challenging. Beyond technical compliance, organizations must undergo a cultural shift from a reactive to a proactive approach, emphasizing prevention rather than recovery. Resilience testing, such as penetration testing and scenario analysis, adds complexity, as it requires considerable resources and technical expertise.

    A key factor in addressing these challenges is the deployment of strong multi-factor authentication (MFA) mechanisms against threats such as phishing. Phishing-resistant solutions, such as device-bound keys, provide a secure foundation for access rights. In addition, accounting for the human factor is essential; training programs can improve employees' understanding of phishing and other cyber threats, complementing technical defenses and strengthening operational resilience as a whole.

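The phishing-resistant, device-bound keys mentioned in the comment above work because the credential is scoped to the site's origin: the browser, not the user, tells the authenticator which relying-party ID it is signing for. The Python model below is an added illustration, not code from the article, ETN or Yubico. It substitutes an HMAC keyed per relying-party ID for the per-site asymmetric key pair a real FIDO2/WebAuthn authenticator generates, and the domains and user name are constructed.

```python
"""Why device-bound, origin-scoped keys resist phishing: a simplified model.

Added illustration, not code from the article, ETN or Yubico. An HMAC keyed
per relying-party ID (rp_id) stands in for the per-site asymmetric key pair a
real FIDO2/WebAuthn authenticator generates; domains and user names are
constructed.
"""
import hashlib
import hmac
import secrets


class Authenticator:
    """Device-bound authenticator: the master secret never leaves the device and
    a distinct credential key is derived for every rp_id it is used with."""

    def __init__(self) -> None:
        self._master_secret = secrets.token_bytes(32)

    def _credential_key(self, rp_id: str) -> bytes:
        # Scoped to rp_id: a look-alike domain yields an unrelated key.
        return hmac.new(self._master_secret, rp_id.encode(), hashlib.sha256).digest()

    def register(self, rp_id: str) -> bytes:
        # WebAuthn would hand back a public key; the shared-secret stand-in is
        # the simplification noted in the module docstring.
        return self._credential_key(rp_id)

    def assert_login(self, rp_id: str, challenge: bytes) -> dict:
        """The browser, not the user, supplies rp_id from the page's real origin,
        so the user cannot be talked into signing for a different site."""
        signed = hashlib.sha256(rp_id.encode()).digest() + challenge
        sig = hmac.new(self._credential_key(rp_id), signed, hashlib.sha256).digest()
        return {"rp_id": rp_id, "challenge": challenge, "signature": sig}


class RelyingParty:
    """Server side (the bank): stores credentials, issues and checks challenges."""

    def __init__(self, rp_id: str) -> None:
        self.rp_id = rp_id
        self._credentials: dict[str, bytes] = {}
        self._pending: dict[str, bytes] = {}

    def register(self, user: str, credential: bytes) -> None:
        self._credentials[user] = credential

    def new_challenge(self, user: str) -> bytes:
        self._pending[user] = secrets.token_bytes(32)
        return self._pending[user]

    def verify(self, user: str, assertion: dict) -> bool:
        challenge = self._pending.pop(user, None)
        credential = self._credentials.get(user)
        if challenge is None or credential is None:
            return False                      # unknown user or no login in flight
        if assertion["challenge"] != challenge:
            return False                      # stale or replayed challenge
        if assertion["rp_id"] != self.rp_id:
            return False                      # assertion was made for another origin
        signed = hashlib.sha256(self.rp_id.encode()).digest() + challenge
        expected = hmac.new(credential, signed, hashlib.sha256).digest()
        return hmac.compare_digest(expected, assertion["signature"])


def _enrolled_pair() -> tuple:
    """Constructed setup: user 'alice' has enrolled her device at bank.example."""
    device, bank = Authenticator(), RelyingParty("bank.example")
    bank.register("alice", device.register("bank.example"))
    return device, bank


def legitimate_login() -> bool:
    device, bank = _enrolled_pair()
    challenge = bank.new_challenge("alice")
    return bank.verify("alice", device.assert_login("bank.example", challenge))


def relayed_login(relabel: bool = False) -> bool:
    """A proxy page on a look-alike domain relays the bank's real challenge to
    the user. The browser reports the look-alike origin to the authenticator,
    so the assertion is bound to the wrong rp_id. With relabel=True the proxy
    also rewrites the rp_id field; the signature still does not verify."""
    device, bank = _enrolled_pair()
    challenge = bank.new_challenge("alice")
    assertion = device.assert_login("bank-example.invalid", challenge)
    if relabel:
        assertion["rp_id"] = "bank.example"
    return bank.verify("alice", assertion)


def relayed_otp_login() -> bool:
    """Contrast: a one-time code is not bound to any origin, so the same proxy
    can forward it verbatim and the server has no way to tell the difference."""
    code = f"{secrets.randbelow(1_000_000):06d}"   # the OTP the user reads off
    typed_into_proxy = code                         # typed on the look-alike page
    return hmac.compare_digest(typed_into_proxy, code)
```

The point the model makes is that the server never has to detect the look-alike domain: the authenticator simply has no usable key for it, and a relabelled assertion fails on the signature check. That is what separates origin-bound credentials from one-time codes, which verify identically whether or not they passed through a relay.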
  21. Tomi Engdahl says:

    Privacy or security? A device manufacturer must protect both
    https://etn.fi/index.php/opinion/17048-yksityisyys-vai-turvallisuus-laitevalmistajan-pitaeae-suojata-molemmat

    Protecting security and protecting privacy are equally important, and they are not alternatives to each other. Although security threats may seem more acute, neglecting privacy protection can also lead to significant harm, writes Tyler Baker, engineering director at the Qualcomm Innovation Center.

    The relative urgency and importance of security and privacy in the consumer and industrial worlds can be illustrated with a simple example of a car equipped with advanced driver assistance systems. Inadequate privacy protection could mean that an unauthorized third party can observe the car's trip logs as the data travels between the vehicle and, for example, the driver's insurance company. This may feel intrusive, but it usually has no significant consequences for the driver.

    Inadequate security protection, on the other hand, could allow a malicious actor to take control of or damage the vehicle's driver assistance system, compromising the driver's ability to keep driving safely.

    The conclusion seems clear: privacy protection is a nice extra, but security protection is essential. This is not entirely true, however, and there are at least two reasons for that.

    First, the fact that a single privacy violation may not have significant security consequences does not mean it is not harmful. If a consumer, when buying a car, does not have a clear and unambiguous understanding that personal data such as routes and times, driving style and other information could fall into the wrong hands, the car manufacturer should be obliged to keep this data private. The same applies to all other connected devices. In the end, nobody wants to feel that they are being spied on.

    Second, in contexts other than a consumer's car, a privacy violation can lead to very serious consequences. This applies even more to industrial or commercial systems than to consumer products. For example, a power plant's control system could send information about its reserve capacity over the company's network. This private information could be commercially valuable to competitors. Malicious actors could even use the information to time a cyberattack on the national power grid to cause maximum harm or disruption.

  22. Tomi Engdahl says:

    Cyber Insights 2025: Attack Surface Management

    SecurityWeek’s Cyber Insights 2025 examines expert opinions to gain their opinions on what to expect in Attack Surface Management in 2025.

    https://www.securityweek.com/cyber-insights-2025-attack-surface-management/

  23. Tomi Engdahl says:

    Tech giants really do listen to your conversations: test it yourself
    https://etn.fi/index.php/13-news/17053-teknologiajaetit-todella-kuuntelevat-keskusteluitasi-testaa-itse

    NordVPN's researchers have developed a simple test that lets you find out whether your smart device is listening to you. Many users have suspected that apps and devices listen to conversations in order to target advertising, and the test results appear to confirm this.

    In the test, a topic is chosen that has never been searched for or discussed before. The topic is then discussed repeatedly near the device, and you watch whether related ads appear on social media or other platforms.

    Legal, but disturbing

    Although such activity may seem like an invasion of privacy, it is usually legal if the user has accepted the apps' terms of service. Listening without consent, however, is illegal.

    How to do the test yourself:

    Choose a unique topic: Pick a topic you have never discussed or searched for before.
    Talk about the topic: Discuss the topic several times over several days near the device.
    Continue normal use: Do not search for anything related to the topic, but keep the device close to you.
    Watch the ads: Follow the ads and find out whether ads related to the topic appear in the following days.

    If ads appear, it may indicate that the device is listening to your conversations.

    NordVPN urges users to check app permissions and to be especially careful about microphone permissions. This is how NordVPN's CTO Marijus Briedis lists the advice for users:

    Check app permissions: Remove microphone permissions from apps that do not need them.
    Update software: Keep your devices up to date.
    Use a VPN service: Encrypt your network traffic to prevent unauthorized tracking.
    Use two-factor authentication: Protect your devices from unauthorized access.
