As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- Bournemouth University receives £2.3 million to boost regional and national cyber security
November 19, 2025
Bournemouth University has been awarded nearly £2.3 million by the Office for Students to develop a new Cyber Competence Centre that will address regional and national cyber skills gaps. As well as upgrading the university’s existing facilities, the investment will be used to launch a new, AI-powered, Security Operations Centre of the Future for students to ...
- Tens of thousands more ASUS routers pwned by suspected, evolving China operation
November 19, 2025
Around 50,000 ASUS routers have been compromised in a sophisticated attack that researchers believe may be linked to China, according to findings released today by SecurityScorecard’s STRIKE team. Dubbed “Operation WrtHug”, the campaign exclusively targets end-of-life ASUS WRT routers, exploiting multiple known vulnerabilities – some dating back to 2023. The affected routers are primarily concentrated in ...
- Cloudflare outage impacts thousands, disrupts transit systems, ChatGPT, X and more
November 18, 2025
A widely used Internet infrastructure company said that it has resolved an issue that led to outages impacting users of everything from ChatGPT and the online game, “League of Legends,” to the New Jersey Transit system early Tuesday. Around 10 a.m. ET, Cloudflare said it was “continuing to monitor for errors to ensure all services are ...
- Google Releases Security Update for Chrome
November 18, 2025
Google has released security updates for Chrome to address two high severity vulnerabilities in the V8 JavaScript engine. CVE-2025-13223 – Type Confusion in V8 – High severity – Google is aware an exploit exists in the wild. CVE-2025-13224 – Type Confusion in V8 – High severity Read more… Source: NHS Digital Sign up for the Cyber Security Review Newsletter The latest ...
- Five major changes to the regulation of cybersecurity in the UK under the Cyber Security and Resilience Bill
November 16, 2025
As the UK Government has recognized, cyber incidents—such as Jaguar Land Rover, Marks and Spencer, Royal Mail and the British Library—are costing UK businesses billions annually and causing severe disruption. The Government recognizes that cybersecurity is a critical enabler of economic growth (“we cannot have growth without stability”), and that the current laws have “fallen out ...
- Fortinet Releases Security Advisory for Relative Path Traversal Vulnerability Affecting FortiWeb Products
November 14, 2025
CISA is aware of exploitation of a newly disclosed vulnerability, CVE-2025-64446, in Fortinet FortiWeb, a web application firewall. This vulnerability affects the following FortiWeb versions:1 8.0.0 through 8.0.1 7.6.0 through 7.6.4 7.4.0 through 7.4.9 7.2.0 through 7.2.11 7.0.0 through 7.0.11 CVE-2025-64446 is a relative path traversal vulnerability CWE-23: Relative Path Traversal that may allow an unauthenticated ...

