top of page

This Week in Cybersecurity - May 2, 2025

As we progress through 2025, cybersecurity continues to evolve, presenting new challenges and opportunities for businesses and individuals alike. This week, we delve into the latest news shaping modern security.


A glowing hand holds a bright digital shield with a lock icon, set against a dark background with green light effects. Mood is secure.

Top Threats This Week


Ransomware Surges in 2025: HR and IT Emails Become Prime Phishing Lures​

In the first quarter of 2025, ransomware attacks reached unprecedented levels, with a 28% increase over the previous quarter, according to NCC Group. Notably, the cybercriminal group Cl0p was responsible for 19% of these attacks. A concerning trend is the rise of sophisticated phishing campaigns impersonating internal departments, particularly HR and IT. KnowBe4's Q1 2025 Phishing Report revealed that over 60% of top-clicked phishing emails referenced internal teams, with nearly half specifically mentioning HR. These deceptive emails often mimic trusted platforms like Microsoft and LinkedIn, exploiting employee trust to harvest credentials. Additionally, malvertising attacks and zero-day vulnerabilities, especially targeting Microsoft systems, have intensified the threat landscape. ​


Takeaway: For SMB leaders, this surge underscores the critical need for comprehensive cybersecurity strategies. Implementing regular security awareness training, enforcing multi-factor authentication, and maintaining up-to-date systems are essential steps to protect against these evolving threats.

(Clearance Jobs)



AI Takes Center Stage at RSAC 2025: From Buzzword to Business Imperative​

At RSAC 2025, cybersecurity leaders from top firms like SentinelOne, Palo Alto Networks, and CrowdStrike emphasized the rapid evolution of AI in security. Discussions highlighted the shift from basic AI tools to advanced "agentic" systems capable of autonomous decision-making. Executives underscored the dual nature of AI: while it enhances defense mechanisms, it also equips adversaries with sophisticated attack capabilities. The consensus is clear: integrating AI into cybersecurity strategies is no longer optional but essential to stay ahead of emerging threats.


Takeaway: For SMB leaders, this underscores the urgency of adopting AI-driven security solutions. Proactively integrating AI can bolster defenses, streamline operations, and ensure resilience against increasingly sophisticated cyber threats.


Microsoft Embraces Passwordless Future: New Accounts Default to Passkeys

Microsoft has announced that all new accounts will now be "passwordless by default," encouraging users to adopt passkeys and other secure, phishing-resistant authentication methods. This move is part of a broader industry trend towards passwordless authentication, with the FIDO Alliance reporting that over 15 billion accounts now support passkeys. Passkeys utilize public/private key cryptography and biometric verification, offering enhanced security and user convenience. For small and medium-sized business leaders, this shift underscores the importance of adopting modern authentication methods to improve security and streamline user access.​


Takeaway: For SMB leaders, adopting passwordless authentication methods like passkeys can significantly enhance security and streamline user access. Embracing these technologies positions organizations ahead of emerging cyber threats and aligns with industry best practices.

(The Hacker News)


Cyber Tip of the Week


Be cautious of emails that appear to come from internal departments like HR or IT. Cybercriminals often impersonate these departments to trick employees into clicking malicious links or providing sensitive information. Always verify the sender's email address and, when in doubt, contact the department directly through official channels.



Stat of the Week


Cybercrime is projected to cost the global economy $10.5 trillion annually by 2025, making it more profitable than the global trade of all major illegal drugs combined. (identitytheft.org)


Final Thoughts


The cybersecurity landscape is becoming increasingly complex, with sophisticated phishing attacks and escalating financial impacts. By staying informed and implementing proactive security measures, organizations can better protect themselves against these evolving threats.​


Have questions about your cybersecurity posture? Let’s talk.

sublogo (1).png

MapleTronics is a full-service IT planning, managed services, and managed cybersecurity company with offices in Indiana, Tennessee, and Florida. Since 1992, MapleTronics has been serving its mission to empower others to fulfill their mission. Today, MapleTronics serves hundreds of clients from large manufacturing companies and healthcare organizations to single-employee business owners. Our solutions focus on four main areas: business continuity, security, stability, and support.


2116 W. Wilden Ave.
Goshen, IN 46527

Goshen, IN

2488 Park Plus Dr B, Columbia, TN 38401

Columbia, TN

​

1690 Broadway

Building 19, Suite 10
Fort Wayne, IN 46802

Fort Wayne, IN
Contact Us

We'll get back with you within a business day, normally quicker.

Thanks for submitting!

©2025 Mapletronics Inc. All Rights Reserved

bottom of page