Latest news with #cloudsecurity
Associated Press
24 minutes ago
- Business
- Associated Press
Ransomware Surges as Attempts Spike 146% Amid Aggressive Extortion Tactics
Key Findings: SAN JOSE, Calif., July 29, 2025 (GLOBE NEWSWIRE) -- Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today published its annual Zscaler ThreatLabz 2025 Ransomware Report. The report examines the latest trends shaping the ransomware threat landscape, revealing how attacks are adapting and escalating. It highlights the most targeted sectors and regions, profiles the most active ransomware families, analyzes shifting attack methodologies, and provides actionable recommendations to help organizations strengthen their defenses. ThreatLabz's findings underscore the critical importance of organizations adopting a comprehensive Zero Trust Everywhere strategy. This approach is essential to prevent ransomware and other malicious threats from lateral movement and compromising sensitive user data, applications, and information. 'Ransomware tactics continue to evolve, with the growing shift toward extortion over encryption as a clear example,' said Deepen Desai, EVP Cybersecurity, Zscaler. 'GenAI is also increasingly becoming part of the ransomware threat actor's playbook, enabling more targeted and efficient attacks. As threats advance, security measures must keep pace. The Zscaler Zero Trust Exchange™ platform empowers organizations to shrink their attack surface, identify and block initial compromise threats, prevent lateral movement, and stop data exfiltration to shut down extortion events before they happen.' Data Demand Fuels Steady Attack Growth Ransomware attacks are intensifying at an alarming rate, with attempted attacks blocked in the Zscaler cloud up 146% year-over-year. This escalation reflects a strategic shift: ransomware groups are increasingly prioritizing extortion over encryption. Accordingly, the report details a 92% increase in the total volume of exfiltrated data by 10 major ransomware groups in the past year, rising from 123 TB to 238 TB. This emphasis on data theft—and the threat of exposure—allows attackers to exert greater pressure on victims, amplifying the impact of ransomware on organizations globally. Industries Under Siege Cybercriminals continue to focus on the high-stakes environments of the Manufacturing (1,063 attacks), Technology (922), and Healthcare (672) sectors, making them the most frequently hit by ransomware over the past year. These industries are particularly vulnerable due to the potential for operational disruption, the sensitivity of stolen data, and the associated risks of reputational damage and regulatory fallout. The Oil & Gas sector has seen a staggering increase in ransomware attacks, spiking over 900% year-over-year. This surge is likely a result of increased automation of systems that control critical infrastructure, including drilling rigs and pipelines, expanding the sector's attack surface, coupled with outdated security practices. United States Is the Target of Half of All Ransomware Attacks Leak site data highlights a distinct geographic disparity, with victims in the United States accounting for 50% of ransomware attacks, significantly outpacing Canada (5%) and the United Kingdom (4%). Ransomware attacks in the U.S. more than doubled to 3,671, exceeding the combined total number of attacks reported across all other countries in the top 15 most-targeted countries. This concentration demonstrates how threat actors continue to strategically target digitally concentrated, high-value economies. Ransomware Groups Driving the Surge Several highly active groups continued to dominate the ransomware ecosystem, with RansomHub leading the pack, claiming the highest number of publicly named victims at 833. Akira and Clop have both moved up in the ransomware attack rankings since last year. Akira, associated with 520 victims, has steadily expanded its reach through numerous affiliates and initial access brokers. Clop, known for its focus on supply chain attacks, is close behind with 488 victims, employing an effective strategy of exploiting vulnerabilities in commonly used third-party software. Zscaler ThreatLabz identified 34 newly active ransomware families over the past year, bringing the total number tracked to 425 since their research began, and has a public GitHub repository that now hosts 1,018 ransomware notes, with 73 added in the last year. How Zscaler Stops Ransomware with Zero Trust + AI Ransomware flourishes in environments with fragmented security, limited visibility, implicit trust, and outdated legacy architectures that amplify risk rather than reduce it. The Zscaler Zero Trust Exchange mitigates these risks by replacing traditional, network-centric models with a cloud-native, AI-driven zero trust architecture, and stops ransomware at every stage of the attack life cycle by: Additional AI-powered ransomware protections from Zscaler include: Download the Report Get the full ThreatLabz 2025 Ransomware Report to explore how Zscaler ThreatLabz plays an active role in protecting enterprises worldwide. Download today. Research Methodology The research methodology for this report is a comprehensive process that uses multiple data sources to identify and track ransomware trends. The ThreatLabz team collected data between April 2024 and April 2025 from sources including the Zscaler global security cloud, and the team's own analysis of ransomware samples and attack data. About ThreatLabz ThreatLabz is the security research arm of Zscaler. This world-class team is responsible for hunting new threats and ensuring that the thousands of organizations using the global Zscaler platform are always protected. In addition to malware research and behavioral analysis, team members are involved in the research and development of new prototype modules for advanced threat protection on the Zscaler platform, and regularly conduct internal security audits to ensure that Zscaler products and infrastructure meet security compliance standards. ThreatLabz regularly publishes in-depth analyses of new and emerging threats on its portal, About Zscaler Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 160 data centers globally, the SASE-based Zero Trust Exchange is the world's largest in-line cloud security platform. Media Contact: Nick Gonzalez [email protected] A photo accompanying this announcement is available at
Associated Press
24 minutes ago
- Business
- Associated Press
Trend Micro and Google Cloud Deepen Collaboration to Advance AI-Driven Cybersecurity and Sovereign Cloud Solutions
Advancing proactive security across cloud environments, and fighting online scams with AI HONG KONG SAR - Media OutReach Newswire - 29 July 2025 - Trend Micro Incorporated ( TYO: 4704; TSE: 4704 ), a global cybersecurity leader, today announced the expansion of its strategic alliance with Google Cloud. The partnership brings together deep cybersecurity expertise and leading cloud innovation to secure the connected world through a multi-cloud, AI-first environment, supporting sovereignty requirements, enhancing consumer and enterprise protection, and building digital trust at scale. Karan Bajwa, President, Google Cloud Asia Pacific: 'Our long-time partnership with Trend Micro underscores our shared commitment to enterprise-grade security. By seamlessly extending Google Cloud's native security with Trend Micro's specialized defenses, we empower organizations to accelerate their cloud transformation journeys. This enables them to innovate securely and scale confidently in a dynamic AI era.' Kevin Simzer, COO of Trend Micro: 'Among hyperscalers, we've seen Google Cloud accelerate as the most in tune with real-world demands, standing out not only for its cloud infrastructure but also for its leadership across AI, data analytics and multiple other domains. Google Cloud's hybrid and multi-cloud approach—seamlessly supporting both public and private cloud models—reflects the growing enterprise demand for flexibility.' Trend and Google Cloud are introducing key innovations addressing real-world demands, including: To read more on Trend and Google, please visit: Hashtag: #trendmicro #trendvisionone #visionone #cybersecurity #trendcybert #googlecloudron #cybertron The issuer is solely responsible for the content of this announcement. About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world.
Forbes
21 hours ago
- Business
- Forbes
What Leaders Need To Know About Their Safety
Michael Evanoff is the chief security officer and strategic advisor at Verkada, a leader in cloud-based physical security solutions. There has been a paradigm shift regarding security for business leaders. C-level executives are more visible than they've ever been. At their best, they're painted as celebrities. At their worst, they're lightning rods for criticism. I've spent the majority of my career protecting some of the most visible leaders in the public and private sectors. In that time, I've witnessed a major shift in executive protection (EP). Not only have the nature of threats to their safety evolved, but the technologies and tools that security experts leverage have also advanced with them. In this new threat landscape, data and information control are often overlooked threats that put leaders—and the teams that protect them—at risk. However harmless it may seem, sharing information creates vulnerabilities that bad actors can exploit. Organizations are rethinking the safety and security of their leaders at this moment. Beyond the clear investment in technology, tools and personnel, they must also recognize that a hidden strength in any security strategy lies in the thoughtful, deliberate management and control of personal data. Here are four often-overlooked areas that can have an outsized impact on the strength of executive security programs in the year ahead. 1. The Double-Edged Sword Of Social Media Social media has become a powerful platform for executives to connect with their customers and even their employees. However, this accessibility comes at a cost. Platforms such as LinkedIn and Instagram are often rich sources of personal information that bad actors can exploit. Even seemingly harmless posts such as photos from a conference or updates about company events can provide clues about travel schedules, routine activities or locations. As executives become more visible online, organizations must provide better training and privacy protocols that emphasize discretion, limit exposure and monitor sentiment online. This applies not just to executives but also to their families, family offices and teams. Social media can be polarizing and divisive. Rapidly radicalized online narratives can spread like wildfire across TikTok, Facebook and X, amplifying offline threats in real time. Security and communications teams must work in tandem to track, assess and respond to this interconnected reputational and safety risk as it develops. 2. The Gaps From Operational Overload EP officers carry immense responsibility—often working long hours, managing high-stress situations and constantly adapting to the demands of high-profile principals. Their well-being directly impacts the effectiveness of any security program, which is why ongoing support is critical. Many officers work up to seven days a week, particularly when supporting public figures with rigorous travel schedules. Over time, this level of strain can take a toll, making it harder to perform under pressure. In April 2025, a Diplomatic Security Service agent assigned to Secretary of State Marco Rubio was reportedly arrested after a public outburst—a stark reminder of the importance of ensuring EP officers are equipped with the resources, support systems and balanced workloads they need to perform at their best. Support also means building a coordinated ecosystem around the EP officer. Protection isn't handled in isolation; it includes local law enforcement, private teams and federal agencies. When roles, communication systems or protocols aren't aligned, confusion can arise quickly, especially during last-minute schedule changes or high-pressure scenarios. Leaders in executive protection must prioritize alignment, communication and clarity—not just for operational success but to support the people doing the work on the ground. 3. The Routines That Become A Risk Rigid daily routines and habits are widely publicized as productivity hacks of C-suite leaders. However, while rituals are effective, promoting them can also be dangerous. A quick search can unearth the daily routines of many high-profile CEOs. For someone intent on doing harm, the predictable nature of a CEO's publicly known schedule, including their travel times and regular activities, creates a window of opportunity. Beyond the vulnerabilities revealed when routines are shared online, time-bound routines such as commuting, dining or exercising are ultimately easily observable patterns that bad actors can exploit. While it's not always possible to disrupt every habit, security teams must work with executives to incorporate flexibility where possible. Shifting commute routes, adjusting public appearance schedules or even introducing impromptu stops during travel can dramatically reduce predictability—and, in turn, risk. 4. Outdated Technology: A Missed Opportunity EP is resource-intensive. Meta, for example, reportedly spent $43 million on CEO Mark Zuckerberg's personal security between 2020 and 2023. While "boots on the ground" remains essential, technology should be considered as a foundational piece of any executive protection program. Using the latest technology can act as a force multiplier for resource-strapped teams, and today's tools can give security officers insight into threats emerging online and in the physical world, from motion-based alerts for loitering or line-crossing in prohibited areas to social media sentiment analysis. Rethinking Security For The Modern Leader Executive protection must always evolve alongside the important individuals that EP officers are entrusted with protecting. In today's environment, this means taking a deliberate and thoughtful approach to information sharing and gathering as well as investments in people and technology. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Yahoo
3 days ago
- Business
- Yahoo
JMP Securities Raises Zscaler (ZS) Price Target Amid Strong Growth Momentum
Zscaler Inc. (NASDAQ:ZS) is one of the growth stocks that could double in value by 2027. On July 1, JMP Securities reaffirmed its Market Outperform rating on Zscaler and raised its price target to $355 from $310. Copyright: hywards / 123RF Stock Photo The upgrade reflects confidence in Zscaler's robust financial performance, including 25.5% revenue growth over the past year and gross margins of 77.5%. The company's stock has surged 74% year-to-date, far outpacing the broader Russell 3000 index. The revised outlook follows investor meetings held in Los Angeles with senior Zscaler executives, where JMP analyst Trevor Walsh highlighted the company's strong positioning in the cybersecurity space. The firm sees continued upside potential driven by Zscaler's expanding product portfolio and growing enterprise demand. Zscaler Inc. (NASDAQ:ZS) is a global cloud security provider headquartered in San Jose, California. Its platform offers secure access to external and internal applications, digital experience monitoring, and advanced zero-trust solutions for enterprises. Zscaler serves a wide range of industries, including finance, healthcare, retail, and government, with a focus on scalable, cloud-native cybersecurity infrastructure. While we acknowledge the potential of ZS as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the best short-term AI stock. READ NEXT: and . Disclosure: None. This article is originally published at Insider Monkey. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Zawya
5 days ago
- Business
- Zawya
Introducing the reimagined AWS MSSP Competency
Dubai, UAE – AWS, the world's most comprehensive and broadly adopted cloud, has updated its AWS MSSP (Managed Security Service Provider) Competency (previously AWS Level 1 MSSP Competency) for partners with turn-key security solutions that transform how organizations approach cloud security. The update includes new categories to validate Partners' security expertise in specific domains including Infrastructure Security, Workload Security, Application Security, Data Protection, Identity & Access Management, Incident Response, and Cyber Recovery. These categories validate service partners' capabilities to deliver comprehensive security outcomes leveraging native AWS services and best-of-breed security tools. Partners must meet core MSSP requirements and demonstrate expertise in at least one category through technical validation. Additionally, MSSP Competency Partners have the option to showcase how they integrate validated AWS Security Competency ISV solutions into their managed security services. This visibility helps AWS customers identify which MSSP Competency Partners can effectively manage their existing third-party security tools as part of a comprehensive security solution. About Amazon Web Services Since 2006, Amazon Web Services has been the world's most comprehensive and broadly adopted cloud. AWS has been continually expanding its services to support virtually any workload, and it now has more than 240 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, media, and application development, deployment, and management from 114 Availability Zones within 36 geographic regions, with announced plans for 16 more Availability Zones and five more AWS Regions in Chile, New Zealand, the Kingdom of Saudi Arabia, Taiwan, and the AWS European Sovereign Cloud. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. To learn more about AWS, visit About Amazon Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Amazon strives to be Earth's Most Customer-Centric Company, Earth's Best Employer, and Earth's Safest Place to Work. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Career Choice, Fire tablets, Fire TV, Amazon Echo, Alexa, Just Walk Out technology, Amazon Studios, and The Climate Pledge are some of the things pioneered by Amazon.
