Palo Alto Networks’ Unit 42 Extortion and Ransomware Trends Report Reveals Aggressive New Tactics and the Escalation of Threat Actor Collaboration

Palo Alto Networks’ Unit 42 Extortion and Ransomware Trends Report Reveals Aggressive New Tactics and the Escalation of Threat Actor Collaboration

Sunday, June 22, 2025

Palo Alto Networks® (NASDAQ: PANW), the world's leading AI cybersecurity company, recently released the Unit 42 Extortion and Ransomware Trends January-March 2025 report, which revealed that threat actors are evolving their tactics, collaborating with state-backed groups and using extortion scams to extract payments.

Organisations across the Asia-Pacific and Japan region are putting their security posture first, and many are now detecting intrusions early in the attack lifecycle, before attackers can execute their objectives. This has led to an increase in incident response cases that are contained at the network access stage. Despite progress, ransomware and extortion campaigns continue to succeed at significant rates. Analysing Palo Alto Networks’ Unit 42 incident response cases, Unit 42 researchers found that in response, threat actors are intensifying their tactics, using more aggressive methods to pressure victims and secure higher, more consistent payouts. Organisations therefore must stay aware of trends in ransomware and employ a defence-in-depth strategy for protection to remain prepared for ransomware attacks.

"We’re seeing a clear shift in how ransomware and extortion actors operate globally and across the Asia-Pacific and Japan region. Attackers are shifting from traditional encryption tactics to more aggressive and manipulative methods including false claims, insider access, and tools that disable security controls,” said Philippa Cogswell, Vice President and Managing Partner, Unit 42, Asia-Pacific & Japan, Palo Alto Networks. “These new and evolving tactics show just how critical it is for organisations to move beyond reactive defences and invest in security strategies that provide full visibility and rapid response across their environments.”

In the Philippines, ransomware continues to pose a serious threat to both public and private organisations. These attacks have caused major disruptions to online services and encrypted sensitive data across critical systems, often halting operations until ransoms are paid or systems are restored.

With millions of cyber threats detected daily in the country, the risk of ransomware demands urgent and coordinated action. In fact, the Philippines’ National Cybersecurity Plan 2023–2028 prioritises the protection of critical information infrastructures and adopts a proactive defence posture, specifically including ransomware readiness and incident response capabilities. However, to stay ahead of increasingly sophisticated attacks, organisations will also have to invest in proactive threat detection, adopt AI-powered security tools, and strengthen collaboration across sectors.

Key findings of the report include:

Attackers are lying to get paid: Unit 42 observed a growing number of cases of extortion scams using fake data and even physical ransom notes sent to executives’ homes.

Manufacturing remains the top ransomware target, continuing a trend that has persisted for several years. The second most impacted industry is wholesale & retail, followed by professional & legal services.

Ransomware activity by location headquarters: The most targeted regions for attackers are the United States, Canada, UK, Germany.

Cloud and endpoint security are under siege: Attackers are increasingly using “EDR killers” to disable endpoint security sensors and targeting cloud systems more aggressively than ever before.

AI-generated insider threat extortion on the rise: North Korean operatives using AI-generated identities to post as remote IT workers have extorted companies by stealing proprietary code and threatening public leaks.

RansomHub emerges as top ransomware variant: RansomHub became the most prolific ransomware observed during the reporting period. This marks a sharp rise from mid-2024, when it was first identified as an emerging threat to watch.

To read the full report, please visit: https://unit42.paloaltonetworks.com/2025-ransomware-extortion-trends/

Read More

Appdome is the First to Detect Agentic AI Malware on Mobile Devices

Appdome is the First to Detect Agentic AI Malware on Mobile Devices

New Android & iOS Plugins Detect Agentic AI Assistants Performing In-App Surveillance and Data Exfiltration in Consumer and Enterprise Apps

Appdome, the leader in protecting mobile businesses, today announced the availability of new dynamic defense plugins to detect and defend against Agentic AI Malware and unauthorized AI Assistants controlling Android & iOS devices and applications. The new Detect Agentic AI Malware plugins allow mobile brands and enterprises to know when Agentic AI applications interact with their mobile applications and use the data to prevent sensitive data leaks and block unvetted on-device AI Agents from accessing transaction, account, or enterprise data and services.

Agentic AI Assistants—such as Apple Siri, Google Gemini, Microsoft Copilot, OpenAI ChatGPT, and others—are increasingly available to mobile users in consumer and enterprise environments. However, the same capabilities that make AI Assistants useful to consumers and employees can also be used by Agentic AI Malware and Trojans. Good and bad AI Assistants can gain broad runtime access to screen content, UI overlays, activity streams, user interactions, and contextual data. Malicious AI Assistants can exploit this access to perform data harvesting, session hijacking, and account takeovers—often under the guise of legitimate AI functionality. On Android, this risk is amplified by more permissive APIs. On iOS, threats extend to mirroring-based leaks (e.g., via AirPlay) and enterprise-targeted surveillance.

“Mobile brands and enterprises have quickly acknowledged the risk of Agentic AI Assistants on mobile devices,” said Tom Tovar, co-creator and CEO of Appdome. “Our new Detect Agentic AI Malware plugins give mobile brands and enterprises choice and control over when and how to introduce AI Assistant functionality to their users.”

Agentic AI assistants have wide appeal in internal enterprise and public-facing consumer use cases. However, in consumer use cases—like banking, eWallet, and healthcare applications—some brands might take the view that, for now, the risks outweigh the benefits. Currently, whatever a good AI assistant can do, a bad AI Assistant can do. Both can access, extract or input credentials, intercept transactions, and send messages to other users. In enterprise environments, malicious AI Assistants could perform actions as the employee, accessing proprietary systems, leak sensitive documents, or create entry points for lateral compromise. Wrapped or re-skinned AI apps—especially unofficial or third-party clones of tools like ChatGPT—further increase the attack footprint, often requesting dangerous (overreaching) permissions and quietly transmitting captured data to external servers. Without real-time detection and control, mobile brands remain exposed to surveillance, compliance failures, and data loss at scale.

“The mobile application and device can only know it’s an Agentic AI Assistant,” said Avi Yehuda, Co-Creator and Chief Technology Officer at Appdome. “The mobile environment has no concept of “good” or “bad” actors, only allowed and disallowed access or permissions, that’s the point.”

Security researchers have observed that malicious AI Assistants can extract session data, cryptographic tokens, or decrypted content by analyzing on-screen information in real time. These apps often masquerade as legitimate voice assistants, and once granted access, can silently monitor users’ activity. Furthermore, when coupled with generative AI models, attackers can script automated reconnaissance, tampering, or replay of sensitive operations inside apps.

“If you have sensitive data or regulated use cases on mobile, AI Assistants are no longer a hypothetical risk—they’re an active one,” said Kai Kenan, VP of Cyber Research at Appdome. “Detecting and controlling the use of these tools is a must-have capability for any mobile defense strategy.”

Appdome’s new Detect Agentic AI Malware plugin uses behavioral biometrics to detect the techniques that malicious or unauthorized AI Assistants use to interact with an Android or iOS application in real time. This includes official, third-party, or wrapped AI apps that impersonate trusted tools or gain elevated permissions. Mobile brands and enterprises can use Appdome to monitor AI Assistant use or detect and defend against Agent AI Assistants using multiple evaluation, enforcement and mitigation options. Mobile brands and enterprises can also specify any number of Trusted AI Assistants, to guarantee that users have access to approved and legitimate Agentic AI Assistants.

“A tsunami of Agentic AI—both good and bad—is approaching the mobile ecosystem. The question is no longer if, but when,” said Chris Roeckl, Chief Product Officer at Appdome. “Most concerning are wrapped versions of legitimate apps, which are increasingly used to trick users into signing in, transacting, and engaging with what looks like your brand—until a malicious agent takes over. Our new dynamic defenses stop Agentic AI from weaponizing your app against your users.”

To learn more about Appdome malware protection, including Detect Agentic AI Malware, please visit https://www.appdome.com/mobile-malware-prevention/.

Read More

Top business leaders rally behind JCI World Congress 2026

Top business leaders rally behind JCI World Congress 2026

Distinguished business leaders, JCI members, and partners gather for an inspiring evening in support of the 2026 JCI World Congress, highlighting the power of collaboration and shared commitment to elevate youth leadership, drive innovation, and positive change locally and globally.

The announcement of the Junior Chamber International (JCI) World Congress 2026 hosting in Clark, Pampanga has ignited widespread enthusiasm among local JCI leaders in the Philippines. They see this as a remarkable opportunity to showcase their chapter’s capabilities on a global stage while reinforcing the country’s commitment to leadership and community development.

A legacy of inspiration

In a special gathering hosted at the residence of Felix Ang, Founder of CATS Motors and President of Auto Nation Group, former JCI members and distinguished guests attended, including Senator JV Ejercito; 2025 JCI Advisor Boydee Dizon III; former 2024 JCI Makati Senate President and 1997 JCI World President Crispin C. Dy Jr.; Chairman of Clark Development Corporation Ed Pamintuan, who also served as the 1978 World Congress Director; and former President of JCI Manila and former President of Clark Development Corporation Benny Ricafort. Their presence underscored the lasting impact of JCI leadership and the strong bonds within the organization.

Jan Adrian “AP” D. Padiernos, the 2025 JCI Manila President, shared his excitement for the upcoming event, reflecting on the historic 1998 JCI World Congress—the last time the Philippines hosted the prestigious gathering.

“Reflecting on the last JCI World Congress in the Philippines back in 1998, I think it inspired many to join and become more active in the organization. As JCI's mission is to develop leaders, we hope that this upcoming World Congress will do the same—encourage more leaders to step out of their comfort zones, embrace their potential, and create a positive impact in their communities and the country.”

The JCI World Congress 2026 is also expected to serve as a catalyst for youth development, providing invaluable learning experiences for young Filipinos. Many local leaders see this as a unique opportunity to engage young people in leadership training, business networking, and cultural exchange.

“One of the greatest opportunities this congress offers is the chance to foster international relations and cultural understanding,” said Randy Manaloto, 2025 JCI Senate Manila President. “It’s a platform where young leaders can engage in business networking while connecting with JCI members from different countries, backgrounds, and cultures. Though we may have different perspectives, we are united by a shared mission.”

The significance of hosting the JCI World Congress again after nearly three decades is not lost on Dr. Cecilio K. Pedro, President of the Federation of Filipino-Chinese Chambers of Commerce and Industry, Inc., Founder and President of Lamoiyan Corp., and former JCI Manila President (1990).

“It has been 28 years since we last hosted the World Congress. This event is more than just a gathering—it’s a way to strengthen camaraderie among JCI members and reinforce the importance of strong, visionary leadership. The Philippines has so much potential, and with the right leadership, we can help this country to be one of the greatest countries in the world.”

Clark Pampanga as the ideal host city

Last year, JCI Manila, in partnership with JCI Angeles City Culiat, secured the prestigious hosting rights for the event. This milestone gathering is expected to bring together thousands of young leaders from across the globe, fostering international collaboration and leadership growth.

Leading the preparations is Luis Angelo Sevilla, the appointed 2026 JCI World Conference Director, who envisions setting a new benchmark for international JCI conferences. Rather than simply promoting an event, he emphasizes creating an immersive experience that inspires young leaders to drive innovation and embrace continuous improvement.

Kate Reyes-Romero, Deputy World Congress Director from JCI Angeles City Culiat, views the JCI World Congress as a profound commitment to the community and the nation. To her, it represents the unwavering love and dedication of Filipinos to their country, inspiring them to drive growth, foster unity, and create a lasting impact.

The JCI World Congress will provide a platform for emerging leaders to exchange ideas, forge partnerships, and discuss global challenges. It embodies the core values of JCI, which has long been dedicated to empowering young individuals to drive positive change in their communities and beyond.

Scheduled on November 11-15, 2026, the congress is expected to welcome over 6,000 delegates from more than 120 countries. Clark, Pampanga, recognized as the premier MICE (Meetings, Incentives, Conventions, Exhibitions) destination in the Philippines, will offer world-class infrastructure, seamless accessibility, and convenient travel options, ensuring a truly memorable experience for all participants.

More than just a gathering, the JCI World Congress 2026 promises to be a transformative event—one that will celebrate leadership, inspire action, and solidify Pampanga’s reputation as a hub for global collaboration and innovation.

Read More

AIA Philippines Wins at 2025 Asia-Pacific Tambuli Awards for Breast Cancer Initiative

AIA Philippines Wins at 2025 Asia-Pacific Tambuli Awards for Breast Cancer Initiative

AIA’s Hope for the Breast program recognized for purpose-driven innovation and social impact

AIA Philippines, the local arm of Hong Kong-based insurer AIA and formerly Philam Life, has earned bronze at the Asia-Pacific Tambuli Awards for its “Hope for the Breast” initiative under the Builders of Society: Advocacy category. Rolled out across San Juan City, Pasig City, and Quezon City last year, the program champions breast cancer awareness, early screening, and affordable protection for Filipino women in underserved communities.

The award underscores the urgent need for inclusive healthcare, as breast cancer remains the most common cancer among Filipino women, making up 17.5% of new cases, with most detected only in the later stages1. AIA Philippines’ Hope for the Breast makes early detection possible through the Hope Mobi Clinic, a clinic-on-wheels developed with The Medical City, which brings free mammography screenings and treatment straight to Filipino women.

Mammograms can cost up to PHP 8,000 without PhilHealth coverage2, but through the program, these are provided for free. In 2024 alone, Hope Mobi Clinic screened over 1,000 women, surpassing its goal and identifying three early-stage cases that were promptly treated.

“Our goal is to create shared value, helping people live healthier, longer, and better lives through meaningful, purpose-led programs,” shared Melissa Henson, Chief Marketing Officer, AIA Philippines. “This recognition highlights the powerful difference we can make when we combine innovation with empathy and community care.”

One of the women touched by Hope for the Breast is Shirley, a grandmother whose condition was diagnosed early, thanks to the program. “When I found out my results, I was scared,” she shared. “But Hope for the Breast gave me a chance. Everything was taken care of, and my surgery was a success. I’m so grateful for their support.”

Strategic partnerships have been key to the program’s success. Working closely with The Medical City, local government units, and barangay health workers, AIA Philippines created a network that enables women to receive not just screenings, but full treatment, including surgery and follow-up care, at no cost.

“By making prevention and protection more accessible, we’re not only saving lives but also showing how free breast cancer screening and insurance solutions can encourage people to take charge of their health,” said Henson.

In 2025, AIA Philippines expands the program by bringing Hope for the Breast to other cities and more communities, reaching more women, saving more lives, and staying true to its purpose of empowering more Filipinos to live Healthier, Longer and Better Lives.

Read More

More Young Professionals Are Saying Yes to Life Insurance — And It All Starts with Just Three Questions

More Young Professionals Are Saying Yes to Life Insurance — And It All Starts with Just Three Questions

Wednesday, June 18, 2025

For young professionals starting to get serious about their future, the questions start piling up. Budgeting? Sure. Saving? Trying. Investing? Sounds intimidating, but it’s on the list. Life insurance? That still feels like a “someday” thing.

Until you read this: “Only 3 questions to get started with Sure Start by EastWest Ageas.”

Wait — What? Just Three?

No long questionnaires. No intimidating jargon. Only a simple form with three health and lifestyle questions. Answer that, and you’re on your way to securing your very first life insurance plan.

Insurance That Makes Things Simple

Sure Start by EastWest Ageas is built for first-timers: the fresh grads, the young professionals, the people who want to start protecting what they’re earning without dealing with complex policies.

Here’s what you get:

Guaranteed Death Benefit: 100% of the basic sum insured goes to your loved ones

Funeral Assistance: An extra 10% to help cover final expenses

Overseas Benefit: An additional 20% if something happens while you’re abroad

You can also boost your plan with optional riders such as Accidental Death, Accidental Disablement, Critical Illness, and Hospital Cash, valuable add-ons that offer extra peace of mind.

It Grows With You, Too

Here’s the cool part: Sure Start doesn’t just sit in your inbox after you buy it. As life happens — you get married or start a family — your coverage automatically increases by 10–20%, without reapplying or submitting extra paperwork.

You can also choose between 1-year or 5-year coverage (renewable up to age 80), and when you’re ready to upgrade, you can convert your Sure Start plan into other EastWest Ageas. Again, no medical exams or do-overs needed.

Need It Budget-Friendly? Say Less.

For something that does a lot, a Sure Start plan doesn’t take a lot. Annual premiums start at just Php 8,000* — that’s about Php 21 a day. Saving a little every day can truly go a long way. With just Php 21 daily, this is a smart way to build long-term financial security and protect your future.

A Small Move, A Big Adulting Win

Getting life insurance can be simple, straightforward, and made just for you. With Sure Start, it’s a smart, easy move you can make early in your journey, sans the stress of overthinking. If you’re new to the working world and ready to start strong, Sure Start is here to meet you where you are and help you grow from there.

To learn more about Sure Start, talk to an EastWest Ageas financial advisor or visit eastwestageas.com.ph.

*Minimum premium may be higher for older clients.

Read More

PLDT Enterprise Boosts Transport & Logistics with Smarter, Stronger Connectivity Solutions

PLDT Enterprise Boosts Transport & Logistics with Smarter, Stronger Connectivity Solutions

PLDT Enterprise is accelerating digital progress in the country’s transport and logistics sectors by delivering stronger, smarter wireless connectivity through Wireless Indoor Coverage.

Given the Philippines’ archipelagic geography and rugged terrain, many areas stand to benefit more from wireless connectivity solutions than from traditional wired infrastructure, making solutions like Wireless Indoor Coverage especially relevant in supporting the evolving needs of these industries.

“Reliable wireless coverage plays a critical role in enhancing communication across transport and logistics operations, from real-time SMS updates to clear voice calls and seamless data access. Whether inside warehouses, distribution hubs, or transit terminals, strong connectivity ensures accurate coordination, minimizes failed deliveries, and keeps customers informed every step of the way. This ultimately drives greater operational efficiency and boosts consumer satisfaction,” said John Gonzales, First Vice President and Head of Enterprise Consulting Services and Technology Management at PLDT Enterprise.

A Commitment to Transport and Logistics Innovation

PLDT Enterprise’s Wireless Indoor Coverage is about enabling transformation. By integrating wireless connectivity within vehicles and transit hubs, the solution supports the industry through:

• Reliable connectivity on the move, enabling uninterrupted access to safety systems and communications as vehicles travel through different environments
• Consistent, mobile-ready coverage that supports real-time safety features and critical system updates wherever the journey leads
• Remote network management for vehicle fleets, ensuring timely security and configuration updates
• Extended coverage into previously underserved zones, enabling consistent wireless connectivity in enclosed spaces such as bus depots, terminals, and vehicles where signal traditionally weakens

With wired internet still a challenge in some areas of the country, wireless broadband, particularly 5G, emerges as a powerful alternative in the meantime, offering faster speeds, lower latency, and wider reach to connect underserved areas and enable next-generation technologies.

Given this, Wireless Indoor Coverage helps solve long-standing industry challenges in transport operations—such as ensuring timely SMS alerts (including OTPs), enabling reliable voice calls during emergencies, and maintaining strong mobile data signals for seamless access to navigation apps, dispatch systems, and cloud-based tools.

All these innovations and their respective benefits align with the broader nationwide effort to overcome digital barriers in infrastructure, as highlighted in recent reports on wireless broadband advancements in the Philippines.

Enabling Safety, Efficiency, and Growth for Long Routes and Regional Mobility

PLDT Enterprise’s wireless solutions are designed to keep fleets connected even as they traverse remote areas and regional boundaries. Whether managing cargo transfers between provinces or maintaining communication on extended delivery routes, the solution supports stable, secure wireless access that scales with the mobility needs of the country.

This expanded reach reinforces PLDT Enterprise’s commitment to being the trusted network partner for nationwide transport transformation.

Moreover, by offering transport operators the ability to manage their wireless networks remotely via cloud platforms, the solution not only enhances operational continuity but also boosts cybersecurity and resiliency—key pillars in today’s security-sensitive landscape.

Driving Collaboration for Future Innovations

PLDT Enterprise envisions this initiative as a call to action for transportation companies, logistics operators, and public sector stakeholders to come together and reimagine how businesses move.

“We invite industry players to collaborate with us in crafting wireless solutions that are tailor-fit for their specific environments and use cases. Connectivity should move with you—and with PLDT Enterprise,” Gonzales added.

Learn more about PLDT Enterprise’s comprehensive suite of solutions, visit https://bit.ly/pldtenterprise_wireless-indoor-coverage_pr

Read More

Cashalo Secures US$75M to Boost Financial Inclusion, Hits 5 Million Loans Milestone

Cashalo Secures US$75M to Boost Financial Inclusion, Hits 5 Million Loans Milestone

Monday, June 16, 2025

Cashalo celebrates a major milestone with the signing of a US$75 million loan facility from global investment firm Community Investment Management. The partnership aims to expand access to fair and responsible digital lending for underserved communities in the Philippines, supporting Cashalo’s mission to promote financial inclusion and uplift more Filipino lives. (From L-R): Luke Stidham - President of Paloo Financing; Mac Muir - CFO of Empower; Gabby Ayala - General Manager of Paloo Financing)

Cashalo, a leading digital financial services provider in the Philippines, has secured a loan facility of up to US$75 million from global private investment firm Community Investment Management (CIM). The facility will support Cashalo’s rapidly growing business in the Philippines and further its mission to expand access to fair credit to millions of underserved Filipinos.

“This partnership will enable us to accelerate our mission to expand financial inclusion and social mobility throughout the Philippines,” said Luke Stidham, President of Cashalo. “With CIM's backing, we have an incredible opportunity to uplift even more Filipino communities by scaling our impact and ensuring more Filipinos are included in the financial system.”

Bernhard Eikenberg, a Partner at CIM for its emerging markets strategy, added: “We’re proud to support Cashalo’s mission in the Philippines. Their data-driven approach, commitment to transparency, and inclusive strategy reflect the future of responsible digital lending.”

The CIM partnership comes as Cashalo marks its first anniversary as part of Empower Finance, a US-based fintech committed to democratizing access to fair credit. In the past year, Cashalo has significantly expanded its digital lending capabilities, improving customer experiences and increasing opportunities for financial inclusion across the country. To date, Cashalo has granted almost 5 million loans to Filipinos.

As part of this new chapter, Cashalo is introducing a refreshed brand identity that reflects its growth, momentum, and enduring mission. The redesigned logo features bold blue typography to convey stability and trust, complemented by golden-yellow sun rays symbolizing the optimism and resilience of the Filipino spirit.

With the new facility in place, Cashalo will continue to invest in its core digital lending business, expand product offerings, and reach deeper into underserved Filipino communities.

“We look forward to continuing our investments in the Philippines to drive financial inclusion,” said Warren Hogarth, Co-Founder and CEO of Empower Finance. “Cashalo is uniquely positioned to lead the way in delivering scalable, data-driven credit solutions that truly make a difference in people’s lives.”

To learn more, visit cashalo.com and follow us on Facebook, Instagram, and TikTok.

Read More