Check Call: Cybersecurity threats come from everywhere
A Trellix report has thrown a spotlight on an alarming 136% surge in advanced persistent threat (APT) detections against U.S. organizations in Q1 2025. It paints a grim picture of an increasingly volatile digital battlefield, where critical sectors like telecommunications and transportation are under relentless assault.
'The landscape is acute,' said John Fokker, head of threat intelligence at Trellix, in a preface to the report. 'The escalation of actor activity and increasing complexity of attack chains shouldn't be overlooked. It's clear we need a comprehensive, proactive cybersecurity strategy — one that's dynamic enough to defend against multi-vector threats.'
Among the most targeted sectors, telecommunications experienced a staggering 92% increase in APT detections, with attackers favoring industries vital to infrastructure and national security. Transportation and shipping were next in line, reflecting the strategic interest of state-sponsored groups in disrupting supply chains and communication systems.
The report reveals how bad actors are evolving by exploiting known vulnerabilities, deploying sophisticated post-exploitation frameworks and even targeting cybersecurity tools themselves to erode organizational defenses from within. 'Threat actors are not just outpacing outdated defense models — they're subverting the very tools meant to detect and stop them,' Fokker added.
A particularly disturbing trend is the increasing integration of artificial intelligence into cybercrime. Trellix researchers found tools capable of real-time voice cloning in multiple languages, potentially revolutionizing phishing and social engineering tactics. Meanwhile, low-cost AI services to process stolen credentials and automate fraud, available for as little as 30 cents, are proliferating in underground forums.
Trellix's report also emphasized the growing threat from 'living off the land' techniques, in which attackers exploit legitimate tools already present in IT environments — making detection harder and post-breach investigation more complex. In several cases, APT groups were seen leveraging open-source offensive tools such as Cobalt Strike and Sliver, along with zero-day vulnerabilities, to maintain stealth and persistence.
Amid this terrifying fraud landscape, Trellix also published mitigation strategies. The company recommends organizations adopt an extended detection and response framework that integrates AI and machine learning. Proactive threat hunting, zero trust architecture and continuous user behavior analytics are also critical in building resilience.
'As AI reshapes both cyber offense and defense, organizations must modernize their security stacks. Sticking with reactive or fragmented systems is no longer sufficient,' the report concludes.
Enterprises, especially in high-risk sectors, must move beyond compliance-based strategies and embrace threat-informed, adaptive security postures. The full report is available here.
The post Check Call: Cybersecurity threats come from everywhere appeared first on FreightWaves.
