Here is a collection of some cyber security trends and predictions for 2025 from various sources:
Dark web discussions reveal: This is the kind of ride in store for 2025
The discussions reveal next year's threat scenarios.
https://www.is.fi/digitoday/tietoturva/art-2000010908617.html
VPN provider NordVPN has partnered with researchers at NordStellar to predict the cyber threats of 2025. The companies analyzed the largest dark web forums to identify the most talked about and trending topics. These include:
Advanced disinformation services
Stolen digital identities
AI-based social engineering
Smart home vulnerabilities
The state of connected homes is already fragile, NordVPN warns.
The most important cybersecurity and AI trends for 2025
https://www.uusiteknologia.fi/2024/11/20/kyberturvallisuuden-ja-tekoalyn-tarkeimmat-trendit-2025/
Security firm Palo Alto Networks has released a comprehensive list of emerging threats and the impact of advances in artificial intelligence (AI) for the coming year. While these advances present their own risks, they also help malicious actors exploit the new capabilities of AI.
Cyber infrastructure is focused on one unified security platform
Large amounts of data give an advantage against new entrepreneurs
Businesses are increasingly adopting secure enterprise browsers
In 2025, more attention will be paid to the energy impacts of artificial intelligence
The realities of quantum technology will become clearer in 2025
Security and marketing directors work more closely together
Cyberattacks are broader, more brazen and more damaging than before.
https://www.verkkouutiset.fi/?p=694453#9c1dc2d3
Cybersecurity company Fortinet has published a cyber threat forecast for 2025. According to it, threat actors will continue to rely on many traditional tactics that have been used for decades.
According to the report, the following cyber threats will be increasingly seen around the world starting next year.
Cybercriminals specialize in certain stages of the attack chain
Attacks on cloud environments are becoming more common
Automated hacking tools on dark web sales platforms
Real-life threats become part of attackers’ tactics
Anti-attack groups expand cooperation
A grim forecast for 2025
Security company warns of new-age cyberattacks.
https://www.iltalehti.fi/digiuutiset/a/3ba5142e-f0ee-43fe-8bd2-4468a9d2d5bd
According to security company Fortinet, many cybercriminals are making better attacks than before, which is not a good thing at all. In addition, old protection methods may not be enough as criminals find new ways to attack.
The company’s Fortiguard Labs team has compiled an updated threat forecast report for 2025, which underlines that cyberattacks are becoming more targeted and harmful, for example, as turnkey cyberattack services become more common.
1 Specialization
2 Cloud and artificial intelligence as themes
3 Real-life threats are part of the tactic
Fortinet reminds us that the responsibility for ensuring information security lies with everyone, not just corporate security and IT teams.
– No single organization or security team can prevent cybercrime on its own, it underlines.
Guidance to survive 2025:
Product Security Bad Practices
https://www.cisa.gov/resources-tools/resources/product-security-bad-practices
MITRE shares 2024's top 25 most dangerous software weaknesses
https://www.bleepingcomputer.com/news/security/mitre-shares-2024s-top-25-most-dangerous-software-weaknesses/
Six password takeaways from the updated NIST cybersecurity framework
https://www.bleepingcomputer.com/news/security/six-password-takeaways-from-the-updated-nist-cybersecurity-framework/
198 Comments
Tomi Engdahl says:
8,000 New WordPress Vulnerabilities Reported in 2024
Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes.
https://www.securityweek.com/8000-new-wordpress-vulnerabilities-reported-in-2024/
Tomi Engdahl says:
https://www.securityweek.com/medusa-ransomware-made-300-critical-infrastructure-victims/
Tomi Engdahl says:
Computer viruses and cyberattacks – Mikko Hyppönen talks about the new Malware Museum
https://www.youtube.com/watch?v=C2W–_Yj2Po
On Friday I visited WithSecure with Presstek (Tekniikan toimittajien yhdistys, the association of technology journalists), and we also got a tour of the new Museum of Malware Art. Our guide was Mikko Hyppönen himself, who also serves as the museum's curator. The video is a shortened version of our tour and Mikko's presentation.
Tomi Engdahl says:
https://www.securityweek.com/through-the-lens-of-music-what-cybersecurity-can-learn-from-joni-mitchell/
Tomi Engdahl says:
Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing
Analysis reveals a 140% increase in browser phishing, including a 130% increase in zero-hour phishing attacks.
https://www.securityweek.com/browser-security-under-siege-the-alarming-rise-of-ai-powered-phishing/
Browser security cannot be ignored. It’s where people spend most of their working day, and it’s where attackers focus most of their attacks.
Statistics come from Menlo Security’s analysis of 750,000 browser-based phishing attacks targeting more than 800 entities detected over the last 12 months. This analysis reveals a 140% increase in browser phishing, including a 130% increase in zero-hour phishing attacks (effectively, a zero-day attack applied to phishing).
The reasons for the growth are multiple: our growing reliance on the browser for much of our daily work, the prevalence of zero-day vulnerabilities, the increasing sophistication of the cybercriminal underworld, and, worryingly, the growing influence of gen-AI. Gen-AI is particularly concerning, both for its use today and its potential use in the future.
“Threat actors have advanced in speed and skills. They are using the same tools and infrastructure as professional engineers,” comments Andrew Harding, VP of security strategy at Menlo Security. “We’re seeing a dangerous combination of zero-day attacks, advanced social engineering techniques, sophisticated phishing techniques, and readily available phishing-as-a-service kits, all designed to infiltrate systems and steal valuable data.”
Tomi Engdahl says:
Blocking DDoS Attacks
Once a DDoS attack is detected, WAFs take action to neutralize it without disrupting legitimate users:
IP Blocking and Blacklisting: Suspicious or confirmed malicious IP addresses are blocked outright, either temporarily or permanently, depending on the severity and WAF configuration.
Request Filtering: WAFs drop malformed or malicious HTTP requests (e.g., oversized headers, invalid payloads) commonly used in Layer 7 DDoS attacks like HTTP floods.
Traffic Redirection: For cloud-hosted websites, WAFs often integrate with CDNs (e.g., Cloudflare, Akamai) to reroute traffic through distributed servers. This spreads the attack load across a global network, reducing the impact on the origin server.
Dynamic Scaling: Cloud-based WAFs can scale resources automatically to absorb volumetric attacks (e.g., SYN floods or UDP floods), ensuring the website remains operational.
Custom Rules and Policies: Administrators can configure WAFs with custom rules tailored to the website’s needs. For instance, blocking requests targeting a specific API endpoint being abused in a DDoS attack.
https://www.facebook.com/share/p/1FzvydZRkM/
Tomi Engdahl says:
https://blog.cloudflare.com/monitoring-and-forensics/
Tomi Engdahl says:
https://blog.cloudflare.com/browser-based-rdp/
Tomi Engdahl says:
https://www.csoonline.com/article/3850791/7-cutting-edge-encryption-techniques-for-reimagining-data-security.html
Tomi Engdahl says:
https://ssd.eff.org/module/how-to-use-signal?fbclid=IwY2xjawJVRHhleHRuA2FlbQIxMQABHelEduO4gTGFvfadY-13W5l_B3uhGqpY6Aw3_VLOtJFeILKsFzNvrMJtKg_aem_6TCIb10hU1Z1Y6HmfAz7cw
Tomi Engdahl says:
https://www.helpnetsecurity.com/2025/03/27/hottest-cybersecurity-open-source-tools-of-the-month-march-2025/
Tomi Engdahl says:
Cloudflare open sources OPKSSH to bring Single Sign-On to SSH
OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access.
https://www.helpnetsecurity.com/2025/03/28/opkssh-sso-ssh/
Tomi Engdahl says:
https://www.bleepingcomputer.com/news/security/new-ubuntu-linux-security-bypasses-require-manual-mitigations/
Tomi Engdahl says:
After Trump’s decree: fight for US funding for Tor, F-Droid and Let’s Encrypt
Following a decree by US President Trump, the Open Technology Fund is no longer receiving funding. That is why the organization is now going to court.
https://www.heise.de/en/news/After-Trump-s-decree-fight-for-US-funding-for-Tor-F-Droid-and-Let-s-Encrypt-10328335.html
Tomi Engdahl says:
Compliance
PCI DSS 4.0.1: A Cybersecurity Blueprint by the Industry, for the Industry
As PCI DSS 4.0.1 comes into force, it shows the power of industry collaboration in cybersecurity.
https://www.securityweek.com/pci-dss-4-0-1-a-cybersecurity-blueprint-by-the-industry-for-the-industry/
Tomi Engdahl says:
https://etn.fi/index.php/opinion/17384-joskus-yksittaeinen-komponentti-voi-olla-vaarallinen-takaovi
Tomi Engdahl says:
Artificial Intelligence
AI Now Outsmarts Humans in Spear Phishing, Analysis Shows
Agentic AI has improved spear phishing effectiveness by 55% since 2023, research shows.
https://www.securityweek.com/ai-now-outsmarts-humans-in-spear-phishing-analysis-shows/
Tomi Engdahl says:
Google Targets SOC Overload With Automated AI Alert and Malware Analysis Tools
Google plans to unleash automated AI agents into overtaxed SOCs to reduce the manual workload for cybersecurity investigators.
https://www.securityweek.com/google-targets-soc-overload-with-automated-ai-alert-and-malware-analysis-tools/
Tomi Engdahl says:
Cloud Security
Groucho’s Wit, Cloud Complexity, and the Case for Consistent Security Policy
The greatest security policies in the world are useless if enterprises don’t have a reasonable, consistent, and reliable way to implement them.
https://www.securityweek.com/grouchos-wit-cloud-complexity-and-the-case-for-consistent-security-policy/
Tomi Engdahl says:
Artificial Intelligence
AI Giving Rise of the ‘Zero-Knowledge’ Threat Actor
The rise of zero-knowledge threat actors powered by AI marks a turning point in the business of cybercrime where sophisticated attacks are no longer confined to skilled attackers.
https://www.securityweek.com/ai-giving-rise-of-the-zero-knowledge-threat-actor/
Tomi Engdahl says:
Artificial Intelligence
Google Pushing ‘Sec-Gemini’ AI Model for Threat-Intel Workflows
Experimental Sec-Gemini v1 touts a combination of Google’s Gemini LLM capabilities with real-time security data and tooling from Mandiant.
https://www.securityweek.com/google-pushing-sec-gemini-ai-model-for-threat-intel-workflows/
Tomi Engdahl says:
Network Security
DNS: The Secret Weapon CISOs May Be Overlooking in the Fight Against Cyberattacks
While often relegated to a purely functional role, DNS offers unparalleled opportunities for preemptive defense against cyberattacks.
https://www.securityweek.com/dns-the-secret-weapon-cisos-may-be-overlooking-in-the-fight-against-cyberattacks/
Tomi Engdahl says:
https://www.uusiteknologia.fi/2025/04/09/isoja-muutoksia-pian-alylaitteiden-tietoturvaan/
https://etn.fi/index.php/opinion/17384-joskus-yksittaeinen-komponentti-voi-olla-vaarallinen-takaovi
Tomi Engdahl says:
https://etn.fi/index.php/13-news/17412-windows-10-tuen-loppuminen-tuo-kissanpaeivaet-verkkorikollisille
Tomi Engdahl says:
SSL/TLS certificate lifespans reduced to 47 days by 2029
https://www.bleepingcomputer.com/news/security/ssl-tls-certificate-lifespans-reduced-to-47-days-by-2029/
The CA/Browser Forum has voted to significantly reduce the lifespan of SSL/TLS certificates over the next 4 years, with a final lifespan of just 47 days starting in 2029.
The CA/Browser Forum is a group of certificate authorities (CAs) and software vendors, including browser developers, working together to establish and maintain security standards for digital certificates used in Internet communications.
Its members include major CAs like DigiCert and GlobalSign, as well as browser vendors such as Google, Apple, Mozilla, and Microsoft.
With 25 votes for and none against, the CA/Browser Forum has now ruled to shorten the lifespan as follows:
From March 15, 2026, certificate lifespan and DCV will be reduced to 200 days
From March 15, 2027, certificate lifespan and DCV will be reduced to 100 days
From March 15, 2029, the certificate lifespan will be reduced to 47 days and DCV to 10 days
Tomi Engdahl says:
ICS/OT
Rising Tides: Bryson Bort on Cyber Entrepreneurship and the Needed Focus on Critical Infrastructure
Very few people in the cybersecurity industry do not know, or know of, Bryson Bort, CEO/Founder of SCYTHE and the co-founder of ICS Village.
https://www.securityweek.com/rising-tides-bryson-bort-on-cyber-entrepreneurship-and-the-needed-focus-on-critical-infrastructure/
Tomi Engdahl says:
Supply Chain Security
AI Hallucinations Create a New Software Supply Chain Threat
Researchers uncover new software supply chain threat from LLM-generated package hallucinations.
https://www.securityweek.com/ai-hallucinations-create-a-new-software-supply-chain-threat/
Tomi Engdahl says:
MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty
MITRE warns of a deterioration of national vulnerability databases and advisories, slowed vendor reaction and limited response operations.
https://www.securityweek.com/mitre-signals-potential-cve-program-deterioration-as-us-gov-funding-expires/
Tomi Engdahl says:
Data Protection
Blockchain, Quantum, and IoT Firms Unite to Secure Satellite Communications Against Quantum Threats
Partisia, Squareroot8, and NuSpace join forces in a global partnership to advance quantum-safe communications.
https://www.securityweek.com/blockchain-quantum-and-iot-firms-unite-to-secure-satellite-communications-against-quantum-threats/
Tomi Engdahl says:
Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises
Top-ranked mobile apps found using hardcoded keys and exposed cloud buckets.
https://www.securityweek.com/many-mobile-apps-fail-basic-security-posing-serious-risks-to-enterprises/
Estimates show the number of people who had personal data compromised increased by 312% from 2023 to 2024.
Zimperium’s zLabs researchers examined 17,333 Android and iOS mobile apps obtained from the official app stores and being used by the firm’s own enterprise customers’ employees. This follows an estimated increase of 312% in the number of individuals who had personal data compromised in 2024: from 419 million in 2023 to 1.7 billion in 2024 (figures from the Identity Theft Resource Center (ITRC)).
With personal mobile phones increasingly being used within business environments, these numbers are likely to grow, and the consequent threat to business systems will increase.
The two most common app weaknesses discovered by the researchers include misconfigured use of cloud storage, and use of poor cryptography.
From the mobile apps examined, 83 Android apps (4 from within Google Play Store’s top 100 popularity list) were found to use unprotected or misconfigured cloud storage. In some of the stores the file indexes are world viewable, and in others the content can be accessed without credentials. Since criminals are continuously scanning the internet for such unprotected repositories, this is a serious threat to the data they contain.
Ten Android apps expose credentials to AWS cloud services – allowing attackers to read data and possibly write false data into the store.
“Misconfiguration in cloud storage and exposed credentials is the same as leaving the front door open and saying the house is safe,” comments Boris Cipot, senior security engineer at Black Duck. “This is an open invitation for attackers to steal data simply by exploiting sloppy security configurations or application security.”
Tomi Engdahl says:
https://phys.org/news/2025-04-hidden-side-channels-quantum-sources.html
Tomi Engdahl says:
Frida Penetration Testing Tool Kit Released With New APIs for Threat Monitoring
https://cybersecuritynews.com/frida-penetration-testing-tool-kit-released/#google_vignette
Tomi Engdahl says:
https://www.uusiteknologia.fi/2025/04/17/turvallisuus-pankkiasioinnissa-tarkeampaa-kuin-palvelun-nopeus-tai-helppous/
Tomi Engdahl says:
https://etn.fi/index.php/13-news/17421-suomalaisyrityksiin-hyoekaettiin-alkuvuonna-yli-tuhat-kertaa-viikossa
Tomi Engdahl says:
New standard removes keys from doors
https://etn.fi/index.php/13-news/17428-uusi-standardi-poistaa-avaimet-ovista
NXP presents a solution that takes smart locks and digital keys to a new level – physical keys are no longer needed. At the heart of the solution is the new Aliro standard, which is being developed under the Connectivity Standards Alliance. Its goal is to enable interoperable, secure and easy-to-use digital access to both homes and vehicles – regardless of which manufacturer's devices are used.
NXP's solution brings together several technologies, such as Ultra-Wideband (UWB) for precise distance measurement, Bluetooth Low Energy (BLE) for wireless communication, NFC (Near Field Communication) for fast close-range reading, and Thread and Matter for standardized interoperability of smart devices.
Together, these technologies make it possible for the door to recognize the user's devices automatically and open securely – without the need to touch the lock or the phone.
Security is at the core of the platform. NXP's EdgeLock SE051 Secure Element can be added to the solution; it protects digital credentials even against advanced hardware attacks. In addition, the system supports both indoor and outdoor use, and it can be scaled to different use cases ranging from apartment buildings to luxury hotels and vehicles.
For developers there is the FRDM-MCXW71 development platform, to which an Arduino expansion board developed by Murata is attached. Together they include UWB, NFC and Bluetooth
Tomi Engdahl says:
Security Architecture
Demystifying Security Posture Management
While the Security Posture Management buzz is real, its long-term viability depends on whether it can deliver measurable outcomes without adding more complexity.
https://www.securityweek.com/demystifying-security-posture-management/
What is Security Posture Management?
Security monitoring generates massive volumes of data—but raw data alone does not drive effective decisions. What organizations really need are prioritized, actionable insights, derived by correlating security signals with business risk and criticality.
Traditional integrations between security tools are often vendor-specific or standards-based, but most commonly routed through SIEM (Security Information and Event Management) systems. SIEMs collect and normalize events, which can then be actioned by SOAR (Security Orchestration, Automation, and Response) platforms. However, not all relevant data is ingested, and even when it is, contextual gaps and data fidelity issues can compromise its reliability.
This is where Security Posture Management (SPM)—also known as Continuous Threat Exposure Management (CTEM)—enters the conversation. SPM is a proactive, programmatic approach designed to bolster cyber resilience by continuously assessing, prioritizing, and addressing vulnerabilities and misconfigurations. It is important to note that SPM is not a product, it is a framework. Despite what vendor marketing may suggest, no one solution delivers a complete SPM program out of the box.
Core Components of SPM
An effective Security Posture Management strategy typically includes:
Continuous Monitoring: Ongoing scans and assessments to detect vulnerabilities and misconfigurations.
Visibility and Control: Insight into configurations and key infrastructure components for better decision-making.
Prioritization: Correlating threats with business impact to focus on the highest-risk issues.
Automated Remediation: Resolving vulnerabilities and misconfigurations with minimal human intervention.
Compliance Reporting: Generating dashboards and reports to demonstrate adherence to regulatory standards.
Tomi Engdahl says:
Artificial Intelligence
The Shadow AI Surge: Study Finds 50% of Workers Use Unapproved AI Tools
With unapproved AI tools entrenched in daily workflows, experts say it’s time to shift from monitoring to managing Shadow AI use across the enterprise.
https://www.securityweek.com/the-shadow-ai-surge-study-finds-50-of-workers-use-unapproved-ai-tools/
Tomi Engdahl says:
Abner Li / 9to5Google:
Google rolls out opt-in Sensitive Content Warnings in Messages to blur nude images on Android; the System SafetyCore-powered content classification is on-device
Google Messages Sensitive Content Warnings for nudity rolling out
https://9to5google.com/2025/04/21/google-messages-sensitive-content-warnings-live/
Following last year’s announcement, Google Messages is rolling out Sensitive Content Warnings that blur nude images on Android.
For adults, Sensitive Content Warnings are opt-in and disabled by default. It’s on for those under 18:
Supervised users: This feature can’t be turned off but parents can control it through the Family Link app.
Unsupervised teens (13–17 years of age): This feature can be turned off in the Google Account settings.
There are two aspects to it, with the first blurring images “that may contain nudity” with the ability to delete before viewing. Your options are:
Learn why nude images can be harmful
Block this number
Next > No, don’t view or Yes, view
You can “blur the image back” by tapping “Remove preview” in the bottom-right corner.
The second reminds “users of the risks of sending nude imagery and preventing accidental shares” before they send or forward something that may contain nudity. They must “confirm to continue.”
To send the image, tap Next.
To continue, swipe right Yes, send.
To cancel, select No, don’t send.
This image classification, which does not currently apply to videos, works on-device and is powered by Android System SafetyCore, which “doesn’t send identifiable data or any of the classified content or results to Google servers.”
As a system service, SafetyCore is only active when an application integrates with SafetyCore and specifically requests that content be classified. Images aren’t classified unless they’re sent through Google Messages with the Sensitive Content Warnings feature turned on.
Google announced it in October, and said it was beginning to roll out in February. We’re now seeing it in Google Messages Settings > Protection & Safety > Manage sensitive content warnings. This takes you to a new settings page with a “Warnings in Google Messages” toggle.
Tomi Engdahl says:
Artificial Intelligence
DataKrypto Launches Homomorphic Encryption Framework to Secure Enterprise AI Models
DataKrypto’s FHEnom for AI combines real-time homomorphic encryption with trusted execution environments to protect enterprise data and models from leakage, exposure, and tampering.
https://www.securityweek.com/datakrypto-launches-homomorphic-encryption-framework-to-secure-enterprise-ai-models/
Tomi Engdahl says:
https://www.securityweek.com/category/artificial-intelligence/
Tomi Engdahl says:
Nebula DevOps Penetration Testing Framework
Link: https://github.com/gl4ssesbo1/Nebula
Tomi Engdahl says:
NIS2 is now here
https://etn.fi/index.php/13-news/17448-nis2-on-nyt-taeaellae
The new NIS2 directive brings with it tightened obligations, especially for cybersecurity reporting. – The biggest players are certainly well prepared, but the smaller ones have plenty to do, estimates Niki Klaus, CEO of Into Security, as the directive officially entered into force in Finland.
Companies must now be more vigilant than before and ready to react – the obligation to report security breaches is clear and backed by sanctions. – Depending on the criticality of the sector and the organization, supervision is carried out either in advance or only afterwards. The banking sector is traditionally strong, but many other sectors still have work to do, Klaus says.
The Finnish Transport and Communications Agency Traficom has granted Into Certification Oy, a subsidiary of Into Security Oy, approval as an assessment body with Katakri 2020 qualifications. The company joins the auditing market as the third player alongside KPMG and Nixu (now DNV).
In Finland the NIS2 directive is supervised by several authorities, but Traficom has a central role. In practice, supervision is risk-based: the largest and most critical players are examined proactively, while for smaller organizations examination may take place only after security breaches have occurred.
The readiness level of Finnish companies varies. – Many large players are already awake, but small and medium-sized companies are more vulnerable. The sector matters – for example, in social and health care and in industry a lot of support is still needed to get to grips with the new legislation, Klaus estimates.
The NIS2 directive extends security requirements to thousands of new Finnish organizations. The ISO 27001 standard, among others, is suitable for verifying compliance. Into Certification is already accredited for, among others, ISO 27001, PCI QSA and social and health care system audits.
Tomi Engdahl says:
Biometrics, Mobile Devices and the Future of Physical Access Control
April 23, 2025
With biometric authentication moving onto mobile devices, enterprises are entering a new era of simplified, contactless physical access control.
https://www.securityinfowatch.com/access-identity/biometrics/article/55285257/biometrics-mobile-devices-and-the-future-of-physical-access-control
Tomi Engdahl says:
https://etn.fi/index.php/13-news/17428-uusi-standardi-poistaa-avaimet-ovista
Tomi Engdahl says:
I set up intrusion detection and intrusion prevention on my network using OPNsense, here’s how
https://www.xda-developers.com/set-up-intrusion-detection-protection-opnsense/
The internet is a scary place, and since building my own OPNsense router where I can see all of the traffic in and out, I’ve never been more convinced of that. I had already set up OPNsense with the goal of configuring Intrusion Detection Systems and Intrusion Prevention Systems (IDS and IPS, respectively). I moved as quickly as I could to deploy them when I saw the constant traffic that was scanning my network, looking for open services. I’ve since set up a honeypot to capture some data, but that’s a story for another day.
Tomi Engdahl says:
https://etn.fi/index.php/13-news/17463-ransomware-kasvaa-hurjaa-vauhtia
The number of ransomware attacks grew by as much as 126 percent in early 2025 compared with the previous year, according to a new report from Check Point Research. In January–March, ransomware groups reported a total of 2289 victims – more than ever before during a single quarter.
According to the report, attacks have become smarter and more targeted. The use of AI, fabricated victims and regional targeting are shaping the threat landscape into one that is ever harder to manage. For example, the FunkSec group is suspected of using malware developed with AI, which lowers the threshold for attacks and blurs the line between financial crime and hacktivism.
Tomi Engdahl says:
Hybrid expert thunders on Yle: Stop the “dithering”
Jukka Savolainen, network director of the Hybrid Centre of Excellence (Hybridiosaamiskeskus), who appeared on Yle's morning show, thinks European countries should stop dithering and send troops to Ukraine.
https://www.iltalehti.fi/ulkomaat/a/96fb401f-e572-427f-b011-cd3140dbd841
The foreign ministers of the Nordic and Baltic countries are currently meeting on the Danish island of Bornholm. On the agenda are security and defence cooperation in the Baltic Sea region and support for Ukraine.
Tomi Engdahl says:
Google Cloud Blog:
Google tracked 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023 but up from 63 in 2022, with government hackers leading the use
Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis
https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends