Latest news with #RomanReznikov


Mid East Info
a day ago
Positive Technologies identifies key cyberthreats for financial companies in 2025–2026
Positive Technologies has outlined the major cyberthreats that the financial sector may face in the coming years. These include ransomware attacks, malicious use of QR codes, exploitation of API vulnerabilities, DDoS campaigns, and attacks targeting suppliers and partners. These conclusions are based on the company's analysis of security incidents and publicly available data concerning threats to banks and other financial institutions.

The financial sector remains one of the top five most targeted industries by cybercriminals, according to Positive Technologies data for the period from 2024 to Q1 2025. In 67% of successful cyberattacks, attackers stole data and used it to blackmail victims by threatening to delete or expose the information. Another 26% of incidents caused operational disruptions, while 5% resulted in financial theft.

Social engineering was used in 57% of successful cyberattacks on financial organizations in 2024. Positive Technologies analysts predict that such incidents will continue to rise as cybercriminals leverage the generative capabilities of artificial intelligence (AI) to craft convincing phishing emails. On the defensive side, security teams are also expected to use AI to detect AI-generated malicious content.

The growing use of application programming interfaces (APIs) poses significant risks. Without adequate security measures, APIs could become an entry point for cybercriminals. This risk is exacerbated by the proliferation of shadow APIs, which often lack proper protection, and the widespread adoption of AI in the financial sector. According to a report by Wallarm, the number of vulnerable AI-enabled APIs increased tenfold in 2024.

Another key cyberthreat in 2025–2026 will be the growing number of attacks on contractors and suppliers. Cybercriminals are likely to target less secure partners to gain access to larger financial organizations. Small and medium-sized businesses may also be affected, especially if attackers fail to reach their main targets.

Roman Reznikov, Cybersecurity Research Analyst at Positive Technologies, says: 'Cybercriminals continue to exploit legitimate and widely used tools in fraudulent schemes. For example, attacks involving QR codes have become more frequent. Hackers replace legitimate QR codes with malicious ones in public spaces and bypass email security by taking advantage of the difficulty in detecting QR codes within messages. In the future, we may see malware capable of altering QR codes directly on device screens during payment. That's why it's important to be careful with QR codes and avoid scanning ones from unknown or suspicious sources. At the same time, defensive measures are evolving too. For instance, a company can protect itself from emails containing malicious QR codes by using PT Sandbox, which identifies QR codes in email images and attachments, extracts the embedded links, and checks them for malicious activity.'

The access-as-a-service market presents another serious challenge. Positive Technologies reports that nearly 9% of dark web listings for access sales are related to the financial sector. This market is expected to grow as new technologies lower the barriers to entry into cybercrime. Inexperienced attackers may sell discovered access points to more skilled cybercriminals.

Ransomware attacks are also projected to increase. Cybercriminals have begun demanding ransoms lower than the potential fines for data breaches. Analysts anticipate this tactic will become more common in countries with turnover-based fines such as Russia, Brazil, and China.

DDoS campaigns will continue to pose a significant threat to the financial sector in 2025. Hackers are expected to create massive botnets of compromised IoT devices and use AI to launch adaptive attacks that respond to victims' countermeasures.

To protect against these evolving threats, financial organizations must adopt a comprehensive cybersecurity strategy built on advanced tools, including:

- next-generation firewalls (NGFWs) like PT NGFW to prevent cyberattacks and enforce security policies;
- web application firewalls (WAFs) such as PT Application Firewall for detecting and blocking attacks, including threats from the OWASP Top 10 list;
- SIEM systems, including tools like MaxPatrol SIEM, to identify malicious activity across infrastructure and endpoints, integrated with EDR solutions like MaxPatrol EDR.

In addition, sandboxes (such as PT Sandbox) and NTA or NDR systems (like PT NAD) should be used to protect against malware and detect hacker movement within the network.


TECHx
14-05-2025
Artificial Intelligence Aids in Cyber Attack Prevention
Positive Technologies has announced the findings of a recent study analyzing the key applications of Artificial Intelligence in cybersecurity. The report revealed that AI can be applied to over half of the countermeasures listed in the MITRE D3FEND framework. The study found that 28% of existing countermeasures already use AI support, while another 27% are expected to be integrated with AI solutions that are currently in development.

According to experts at Positive Technologies, Artificial Intelligence allows defenders to identify, predict, and prevent cyberthreats more efficiently. For instance, AI helps protect sensitive data by recognizing classified information in documents and adapting the content based on the user's access level.

In addition, the company reported that AI tools can be used for automated security testing. In their product PT Dephaze, generative AI generates likely passwords for specific targets, analyzes text files, and compiles detailed reports.

Currently, AI is widely used for detecting cyberthreats. It analyzes user behavior, network traffic, and executable files. The study indicated that in the near future, AI may also help gather network intelligence and detect unauthorized software or services that escape the notice of IT teams.

Positive Technologies stated that AI will likely enable more realistic simulations of user behavior, assist in deploying honeypots, and support continuous biometric authentication. Tools like MaxPatrol VM are already helping organizations maintain up-to-date infrastructure data.

A major benefit of Artificial Intelligence in cybersecurity is its ability to detect unknown threats. For example:

- PT Sandbox uses behavioral analysis to identify anomalies.
- MaxPatrol SIEM includes BAD (Behavioral Anomaly Detection), which tracks zero-day exploits and new malware.

Roman Reznikov, Cybersecurity Research Analyst at Positive Technologies, commented that the goal is to embed AI as an 'autopilot' to speed up incident response and reduce pressure on security teams. He added that this concept was successfully tested during the Standoff 13 cyberbattle, where MaxPatrol O2 prevented breaches by detecting attacks on a simulated infrastructure.

Moreover, the company noted that AI helps SOC teams make faster decisions by providing context for alerts and suggesting appropriate responses. MaxPatrol O2 automatically creates action plans and offers options for handling incidents with varying degrees of human input.

However, Positive Technologies warned that the use of AI comes with challenges. High-quality training data and skilled professionals are essential. While AI strengthens defenses, it may also become a target for attackers. Therefore, the company recommends a responsible approach to AI adoption, considering risks and following best practices for cybersecurity.