As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- UK: Jaguar Land Rover rescued with £1.5bn Government loan after cyber attack
September 28, 2025
The Government has agreed to support Jaguar Land Rover (JLR) with a loan guarantee expected to unlock £1.5billion to support its supply chain. JLR suspended production at its UK factories following the cyber attack on 31 August, including the one in Halewood on Merseyside. The announcement follows the Business Secretary’s visit to JLR and supply chain ...
- CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices
September 25, 2025
Today, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices to address vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Cisco Firepower devices. CISA has added vulnerabilities CVE-2025-20333 and CVE-2025-20362 to the Known Exploited Vulnerabilities Catalog. The Emergency Directive requires federal agencies to identify, analyze, and mitigate potential compromises immediately. Agencies ...
- UK: Jaguar Land Rover facing costs of “millions per week” following cyberattack due to a lack of insurance cover
September 25, 2025
Jaguar Land Rover could be facing the full financial impact of its recent cyberattack after reportedly failing to secure cyber insurance before the incident struck. The attack, which came to light on September 2025, forced the carmaker to shut down its IT networks and halt production at its three UK factories. The disruption is believed to ...
- This Is How Your LLM Gets Compromised
September 24, 2025
Plainly speaking, Artificial intelligence is no longer a fringe technology. It has become a core component of modern business, from customer service chatbots to complex data analysis. We often treat the Large Language Models (LLMs) that are at the core of this technology as trusted black boxes. But like any software, they can be tampered with, ...
- Serious Microsoft Entra flaw could have let hackers infiltrate any user – patch now
September 22, 2025
Security researchers have found a critical vulnerability in Microsoft Entra ID which could have allowed threat actors to gain Global Administrator access to virtually anyone’s tenant – without being detected in any way. The vulnerability consists of two things – a legacy service called “actor tokens”, and a critical Elevation of Privilege bug tracked as CVE-2025-55241. ...
- Samsung patches zero-day security flaw used to hack into its customers’ phones
September 16, 2025
Samsung says it has fixed a zero-day security vulnerability that is being used to hack into its customers’ phones. The phone maker said the security flaw, discovered in a software library for displaying images on Samsung devices, allows hackers to remotely plant malicious code on Samsung devices running Android 13 through the most recent version, Android ...

