Cybersecurity

Booking.com utilizes AI to combat increasingly complex online fraud and safeguard user data. The company processes vast amounts of data, employing both vendor-specific and in-house AI solutions to detect and neutralize threats like fake reviews, phishing, and account takeovers. This hybrid approach balances deployment speed with customization. Balancing performance and cost is a key challenge. Proactive threat detection through AI assistants enhances security analyst efficiency, while fairness, human oversight, explainability, and privacy are prioritized in AI implementation. Future efforts will focus on optimized integration of AI solutions.

A new AI tool designed for security vulnerability identification has been weaponized by cybercriminals. Dubbed Hexstrike-AI, this framework drastically reduces the time needed to exploit zero-day vulnerabilities, potentially enabling attacks in minutes. It automates complex hacking processes, lowering the technical skill required for sophisticated attacks. Cybersecurity firm Check Point advises organizations to prioritize patch management, adopt AI-driven defense, accelerate incident response, and enhance threat intelligence to combat this emerging threat.

VCI Global (VCIG) launched its CyberSecure Cloud service in Malaysia, a military-grade encrypted data protection platform. The EAL4-certified service uses proprietary QuantVault technology and offers scalable storage (3TB-50TB) with automated backup and firewall. It targets Malaysia’s growing cybersecurity market, projected to reach US$700M by 2030. Expansion is planned for Singapore, Hong Kong, Dubai, and Indonesia, with a customer portal launching by September 2025. This aims to capture a significant share of the expanding ASEAN cybersecurity market, estimated to reach US$12.2B by 2030.

At Google Singapore, Google Cloud’s Mark Johnston highlighted the ongoing struggle for cybersecurity defenders. He revealed that 69% of APAC breaches are detected by external parties, underscoring detection weaknesses. Google Cloud is leveraging AI to improve defenses, but acknowledges AI also empowers attackers. Initiatives like Project Zero’s “Big Sleep” use AI for vulnerability discovery. While promising, AI automation introduces risks and requires human oversight. Budget constraints and the need for partners offering scalable solutions pose challenges for CISOs. Post-quantum cryptography deployment is underway.

Trend Micro has been named a Leader in the IDC MarketScape for Worldwide Exposure Management 2025 for its Cyber Risk Exposure Management offering. Trend Micro’s solution unifies security posture management and third-party integrations, providing comprehensive exposure telemetry and automated remediation. The integrated GenAI assistant helps users understand and address exposures. The report highlights Trend Micro’s suitability for enterprises seeking to consolidate security tools, automate remediation, and report on compliance, ultimately reducing operational silos and improving risk reduction.

Arch Linux, the foundation of SteamOS, is experiencing a persistent DDoS attack since August 2025. The attack is primarily affecting the main website, Arch User Repository (AUR), and forums, causing intermittent outages. The Arch Linux team is working to mitigate the effects and restore full functionality, while investigating the origin of the attack. Users are advised to monitor the service status page for updates. The incident highlights cybersecurity threats to open-source projects and their downstream impacts.

AbbVie’s Rachel James discusses leveraging AI, specifically Large Language Models, to enhance cybersecurity by analyzing security alerts, identifying patterns, and uncovering vulnerabilities. AbbVie uses OpenCTI to transform unstructured threat data using AI. James, a contributor to ‘OWASP Top 10 for GenAI’, highlights risks like inherent unpredictability, transparency challenges, and ROI assessment. She emphasizes understanding attacker mindsets and advocates for integrating data science and AI into cybersecurity, capitalizing on intelligence data sharing. Professionals are encouraged to embrace AI.

A recent report reveals that 81% of UK CISOs believe AI chatbots like DeepSeek require urgent government regulation due to cybersecurity risks. 34% have already banned AI tools, and 30% halted specific deployments over escalating concerns. CISOs fear data exposure, weaponization by cybercriminals, and increased attacks. 42% now view AI as a greater threat than a help. Many feel unprepared to manage AI-driven threats, prompting investment in AI specialists and C-suite training while urging for a national regulatory framework.

A Yubico survey reveals significant cybersecurity habit disparities across major U.S. cities. Nearly half of Americans reuse passwords, while only 3% favor hardware security keys. Seattle and San Francisco lead in MFA and passkey adoption, while Denver lags. The survey exposes a disconnect between perceived and actual security, with many experiencing cyber incidents despite believing they can identify phishing. Yubico advocates for robust, phishing-resistant authentication methods like YubiKeys.

China’s new parental subsidy program (¥3,600 annually per child under three) is set to launch in 2025. However, scammers are already exploiting the initiative, using deceptive tactics on social media to lure parents with fake notifications. WeChat warns against clicking suspicious links or downloading files from unsolicited messages, as they may contain malware granting remote access for data theft. Official application portals will be available in late August; verify information through official government channels.