Curated cybersecurity news
summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.
What is new in February, 2025 in Cybersecurity?
Malware exposes 3.9 billion passwords in huge cybersecurity threat
A new cybersecurity report now highlights that hackers using Lumma, along with StealC, Redline and other infostealers, infected 4.3 million machines in 2024, leading to an astonishing 330 million compromised credentials. Read more
Integrating Cybersecurity and Enterprise Risk Management | NIST IR 8286 Series Revisions and Updates
NIST has released revisions or updates to all five publications in its Interagency Report (IR) 8286 series. These publications help practitioners better understand the close relationship between cybersecurity and enterprise risk management (ERM). All five publications in the series have been updated to align more closely with the Cybersecurity Framework (CSF) 2.0 and other updated NIST guidance. The updated series puts greater emphasis on cybersecurity governance to highlight the importance of ensuring cybersecurity capabilities support the broader mission through ERM. Read more
Fight fire with fire: 3 major ways AI fuels your cybersecurity arsenal
Cyberattacks deployed with AI are only becoming more sophisticated and evasive with each passing day.
The good news? The power of AI cuts both ways, and an increasing number of enterprises are exploring opportunities to deploy AI (and its subfield, machine learning) in their own cyber defenses – fighting fire with fire, you might say. Read more
Cybersecurity risks organizations need to address this year
As organizations navigate a new year, they face a fundamental truth: traditional perimeter-based security has failed. The modern enterprise isn’t defined by its devices and users but by its digital assets — the crown jewels that power operations and drive value. Yet most security approaches remain stuck in an outdated paradigm, focusing on protecting devices and user accounts while overlooking the dynamic web of service accounts, APIs and machine identities that actually access and manage these critical assets. In this AI-accelerated landscape, this disconnect between security strategy and reality creates dangerous blind spots. Organizations that don’t pivot to an asset-centric security model risk more than exposure — they’re inviting catastrophic breaches. Read more
The cyber threats to watch in 2025, and other cybersecurity news to know this month
The cyber threat landscape in 2025 will be shaped by increasingly sophisticated attacks, with ransomware, social engineering and AI-powered cybercrime remaining top concerns, according to the World Economic Forum’s latest Global Cybersecurity Outlook.
Data breaches continued at historic levels in 2024, with 3,158 data compromises tracked by the Identity Theft Resource Center – on par with the previous record-breaking year. However, victim notices surged 211% to 1.3 billion, but this was largely due to five mega-breaches, each triggering over 100 million notices. Read more
