InfoSecBulletin Cybersecurity for mankind
Last year, more than 1.5 million UK companies were attacked by cybercriminals, causing them to lose over £31.5 billion ($40 billion), according to a report from business ISP Beaming.
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
A company surveyed 500 business leaders in 2023 to find out about security breaches that affected their organization. They were asked about the expenses they incurred in dealing with each incident, which included data recovery, replacing IT assets and personnel, business interruption, lost business, and regulatory penalties.
The median figures for each type of cybercrime and business size provided by respondents were calculated and then multiplied by the total number of businesses, using government data.
The report “Price of Insecurity: The Cost of Business Cybercrime in 2023” shows that the total cost of breaches has increased by 138% since 2019, when it was estimated at £12.8bn.
In 2023, around 27% of UK businesses were targeted by cybercrime. On average, these attacks cost £5500.
Cybercrime rates decreased for the largest and smallest businesses, but increased for all SME segments. Small businesses (11-50) saw the highest increase in victims (42%) and costs (396%) between 2019 and 2023.
“While large businesses are proving more resilient to cybercrime, the cost of breaches is soaring, and SMEs are being hit harder than ever before,” argued Beaming managing director, Sonia Blizzard.
“Businesses are investing in training and technology but they’re under sustained attack. So as the use of technology helps business to grow, the investment in cybersecurity training also needs to be maintained.”
Companies are investing more in cybersecurity, including employee training and tools like firewalls, VPNs, and threat management devices. However, cyber-threats like phishing, malware, and insider threats are still common, affecting a large number of people.
BEC and social engineering were the top threats for cybercriminals, followed by credential stuffing and ransomware.
