Preparing for Unknown Risks: How to Better Prepare for Risks You Can’t See Yet


As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.

On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.

Read more…
Source: Rapid7


Sign up for our Newsletter


Related:

  • Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN

    August 1, 2025

    In late July 2025, Arctic Wolf observed an increase in ransomware activity targeting SonicWall firewall devices for initial access. In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs. While credential access through brute force, dictionary attacks, and credential stuffing have not yet ...

  • Apple patches multiple vulnerabilities in iOS and iPadOS. Update now!

    July 30, 2025

    Apple released a security update for iOS and iPadOS to patch multiple vulnerabilities, including one that could leak sensitive information when visiting a malicious website and one that allows an attacker to display false information in the address bar. In total, 29 vulnerabilities were patched, most of them in WebKit, Apple’s web rendering engine that powers ...

  • ToolShell: a story of five vulnerabilities in Microsoft SharePoint

    July 25, 2025

    On July 19–20, 2025, various security companies and national CERTs published alerts about active exploitation of on-premise SharePoint servers. According to the reports, observed attacks did not require authentication, allowed attackers to gain full control over the infected servers, and were performed using an exploit chain of two vulnerabilities: CVE-2025-49704 and CVE-2025-49706, publicly named “ToolShell”. Additionally, ...

  • Carnegie Mellon researchers show how LLMs can be taught to autonomously plan and execute real-world cyberattacks

    July 24, 2025

    In a groundbreaking development, a team of Carnegie Mellon University researchers has demonstrated that large language models (LLMs) are capable of autonomously planning and executing complex network attacks, shedding light on emerging capabilities of foundation models and their implications for cybersecurity research. The project, led by Ph.D. candidate Brian SingerOpens in new window, a Ph.D. candidate ...

  • Proactive Email Security: The Power of AI

    July 24, 2025

    Cybercriminals are using AI to launch faster, more targeted attacks—impersonating executives, bypassing filters with QR phishing or AI-driven deception techniques, and exploiting human error to cause financial and reputational damage. Traditional defenses can’t keep up. This report explores how AI-powered email security can proactively defend against today’s most pressing threats—like business email compromise (BEC), QR phishing ...

  • Mitel Releases Security Advisories for MiVoice MX-One and MiCollab

    July 24, 2025

    Mitel has released security advisories to address vulnerabilities in Mitel MiVoice MX-ONE and MiCollab, which are cloud-based platforms that help manage business communications. The critical vulnerability, which has no CVE identifier at the time of publishing this Cyber Alert, affects Mitel MiVoice MX-One and is an authentication bypass vulnerability with a CVSSv3 score of 9.4. Successful ...