InfoSecBulletin Cybersecurity for mankind
Last year, more than 1.5 million UK companies were attacked by cybercriminals, causing them to lose over £31.5 billion ($40 billion), according to a report from business ISP Beaming.
Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack
Daily Security Update Dated: 21.01.2025
126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems
CERT-UA alerts about “security audit” requests through AnyDesk
Oracle Critical Pre-Release update addressed 320 flaw
OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025
Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS
Intel holds 22 employees from one Bangladeshi University
VPN Surge 1500% in USA after TikTok Shut Down
MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology
A company surveyed 500 business leaders in 2023 to find out about security breaches that affected their organization. They were asked about the expenses they incurred in dealing with each incident, which included data recovery, replacing IT assets and personnel, business interruption, lost business, and regulatory penalties.
The median figures for each type of cybercrime and business size provided by respondents were calculated and then multiplied by the total number of businesses, using government data.
The report “Price of Insecurity: The Cost of Business Cybercrime in 2023” shows that the total cost of breaches has increased by 138% since 2019, when it was estimated at £12.8bn.
In 2023, around 27% of UK businesses were targeted by cybercrime. On average, these attacks cost £5500.
Cybercrime rates decreased for the largest and smallest businesses, but increased for all SME segments. Small businesses (11-50) saw the highest increase in victims (42%) and costs (396%) between 2019 and 2023.
“While large businesses are proving more resilient to cybercrime, the cost of breaches is soaring, and SMEs are being hit harder than ever before,” argued Beaming managing director, Sonia Blizzard.
“Businesses are investing in training and technology but they’re under sustained attack. So as the use of technology helps business to grow, the investment in cybersecurity training also needs to be maintained.”
Companies are investing more in cybersecurity, including employee training and tools like firewalls, VPNs, and threat management devices. However, cyber-threats like phishing, malware, and insider threats are still common, affecting a large number of people.
BEC and social engineering were the top threats for cybercriminals, followed by credential stuffing and ransomware.
