This Week in Cybersecurity - June 27, 2025
- Jordan Santos
This week in cybersecurity, we’re seeing a troubling pattern: progress in some areas, but persistent—and even growing—threats in others. From a record-breaking 16 billion passwords leaking online to misconfigured cloud storage buckets still exposing sensitive data, the risks to businesses remain high. Meanwhile, industry leaders are pushing back on rigid cybersecurity reporting rules that may be doing more harm than good. Here’s what you need to know to stay ahead.

Top News This Week
DHS Warns of Rising Cyber Threats Amid U.S.–Iran Conflict: Small Businesses Urged to Bolster Defenses
The Department of Homeland Security (DHS) has issued a warning about an increased risk of cyberattacks from Iranian state actors and pro-Iranian hacktivist groups in response to recent U.S. military action against Iran. These actors are likely to target vulnerable U.S. networks, particularly in critical infrastructure sectors such as water utilities, food production, and technology. The DHS and FBI are urging public and private sector organizations to strengthen their cybersecurity posture and remain vigilant. Previous Iranian-linked attacks have exploited weak passwords and exposed systems.
Takeaway: Small businesses are often targeted precisely because they have fewer protections in place. Ensure your systems are not exposed to the internet unnecessarily, enforce strong password policies, enable multi-factor authentication (MFA), and monitor for unusual activity. Even if you're not a high-profile target, your business could be caught in the crossfire of geopolitical cyber campaigns.
Cyber Insurance Premiums Dip for First Time—But Third-Party Risk Still Looms
For the first time since 2015, cybersecurity insurance premiums declined—dropping 2.3% to $7.1 billion in 2024—according to a report by AM Best. Despite the decline, the market remains profitable, with loss ratios below 50%. The drop appears driven by reduced pricing rather than reduced demand or lower risk. Analysts also suggest some large companies are opting for self-insurance through captive entities, skewing reported data. The report highlights the growing challenge of third-party risk and stresses the importance of vetting vendors as part of a strong cyber hygiene strategy.
Takeaway: Lower cyber insurance prices may offer an opportunity to revisit or upgrade your coverage—but don’t let your guard down. As insurers scrutinize third-party risk more closely, make sure your business evaluates the cybersecurity posture of your vendors and partners. A vendor’s breach could still impact your operations—and your ability to collect on a claim.
Malware Hidden in JPEG Image Evades Detection with Stealthy Encoding Trick
On June 16, 2025, security researchers uncovered a sophisticated cyberattack in which malware was stealthily embedded inside a JPEG image using steganography and a modified Base64 encoding technique. The malicious code was hidden after the image’s End Of Image (EOI) marker—an area typically ignored by image viewers and web browsers—making it difficult for standard security tools to detect. The attackers also altered the Base64 encoding by replacing the character ‘A’ with ‘@’, effectively bypassing signature-based detection. The payload, once decoded, revealed a malicious .NET DLL linked to a known threat campaign, suggesting a highly targeted and advanced approach.
Takeaway: Media files aren’t always harmless. Even a simple image could carry malicious code capable of infiltrating your network. SMBs should ensure endpoint protection tools inspect file contents and metadata, including any data appended after the image’s end marker, and not just file types. Avoid downloading or sharing images from unknown sources, even if they look innocent, and educate your team about the risks of embedded malware in everyday file types.
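A defender can check for this pattern directly. The Python below is an added example, not code from the researchers or from this newsletter: it walks the JPEG marker structure to find the real EOI (a plain search for FFD9 can stop at a decoy inside an earlier segment), then tests whether the bytes appended after it become valid Base64 once '@' is mapped back to 'A'. The function names and the sample bytes are constructed for illustration.

```python
import base64, binascii

def find_eoi_end(data: bytes) -> int:
    """Walk JPEG segments; return the offset just past the real EOI marker."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker")
    pos = 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xD9:                                # EOI
            return pos + 2
        if marker == 0xFF:                                # fill byte before a marker
            pos += 1
        elif marker == 0x01 or 0xD0 <= marker <= 0xD7:    # markers without a length
            pos += 2
        else:                                             # segment with 2-byte length
            pos += 2 + int.from_bytes(data[pos + 2:pos + 4], "big")
            if marker == 0xDA:                            # SOS: skip entropy-coded data
                while pos + 1 < len(data) and not (
                    data[pos] == 0xFF and data[pos + 1] not in (0x00, 0xFF)
                    and not 0xD0 <= data[pos + 1] <= 0xD7):
                    pos += 1                              # FF00 stuffing and RSTn stay in the scan
    raise ValueError("no EOI marker found")

def inspect_trailer(data: bytes, swapped: bytes = b"@") -> dict:
    """Describe bytes after EOI, before and after mapping `swapped` back to 'A'."""
    end = find_eoi_end(data)
    trailer = data[end:].strip()
    report = {"eoi_end": end, "trailer_len": len(trailer),
              "strict_base64": False, "base64_after_swap": False, "pe_magic": False}
    for key, blob in (("strict_base64", trailer),
                      ("base64_after_swap", trailer.replace(swapped, b"A"))):
        try:
            decoded = base64.b64decode(blob, validate=True)
        except binascii.Error:
            continue                                      # not Base64 in this form
        report[key] = len(blob) >= 16                     # ignore tiny trailers
        # "MZ" is the header magic that Windows executables and DLLs start with
        report["pe_magic"] = report["pe_magic"] or decoded[:2] == b"MZ"
    return report

# Constructed sample: a marker skeleton (not a viewable image) with a decoy FFD9
# inside an APP1 segment, then swapped Base64 of "MZ" plus zero bytes appended.
_APP1 = b"Exif\x00\x00\xff\xd9pad"
SAMPLE_JPEG = (b"\xff\xd8\xff\xe1" + (2 + len(_APP1)).to_bytes(2, "big") + _APP1
               + b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00\x12\xff\x00\x34\xff\xd9")
SAMPLE = SAMPLE_JPEG + base64.b64encode(b"MZ" + bytes(28)).replace(b"A", b"@")
if __name__ == "__main__":
    print(inspect_trailer(SAMPLE))
```

A non-empty trailer that fails strict Base64 but passes after the swap is the signal worth alerting on, since signature tools that only try standard Base64 will not decode it.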
Cyber Tip of the Week
Review and restrict third-party access. Vendors and partners with access to your systems can introduce serious cybersecurity risks. Regularly audit who has access to your data, limit permissions to only what's necessary, and ensure vendors follow strong security practices. A breach in their environment could become a breach in yours.
Stat of the Week
According to AM Best, cyber insurance premiums dropped by 2.3% in 2024, marking the first decline since 2015—but the market remains profitable with loss ratios under 50%, showing ongoing high demand and manageable claims.
Final Thoughts
This week’s stories underscore a troubling but important reality: today’s threats are more covert, creative, and targeted than ever. From foreign nation-state actors probing cloud providers to malware hiding in images, cybersecurity is no longer just about perimeter defenses—it’s about layered protection, user vigilance, and adaptable strategies. For SMBs, staying informed and investing in modern security tools isn’t optional—it’s essential.
Until next week—stay sharp and stay secure.
Have questions about your cybersecurity posture? Let’s talk.