As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- The Lifecycle Dilemma: Navigating Cybersecurity Risks Across Designing, Constructing and Operating a Vessel
March 12, 2025
The Lifecycle Dilemma: Navigating Cybersecurity Risks Across Designing, Constructing and Operating a Vessel delves into the shifting risks and disconnected approaches in cybersecurity across each stage from initial design through to its operation and maintenance. It outlines the roles, responsibilities, challenges and misconceptions of various stakeholders at each stage of the vessel lifecycle. Thetius latest report, ...
- Bank Of America Alerts Customers To Data Breach, Offers Identity Theft Protection For Affected Accounts
March 11, 2025
The Bank of America has alerted a small group of its customers about a data breach that may have exposed confidential information. The breach, which took place on December 30, was a result of improper handling of confidential documents by a third-party document destruction service provider. The breach could have potentially exposed sensitive data, including personal ...
- Patch Tuesday – March 2025
March 11, 2025
Microsoft is addressing 57 vulnerabilities this March 2025 Patch Tuesday, which is a similar volume to last month. However, Microsoft has evidence of in-the-wild exploitation for as many as six of the vulnerabilities published today, and CISA KEV already lists all of them. Microsoft is also aware of public disclosure for one other vulnerability. This is ...
- Allstate sued for not reporting data breach of 165,000 New Yorkers
March 10, 2025
New York state sued Allstate on Monday, accusing the insurer’s National General unit of failing to report a data breach that exposed drivers’ license numbers, and not developing reasonable safeguards to protect policyholders’ private information. The lawsuit by New York Attorney General Letitia James was filed in a state court in Manhattan, and seeks civil fines. ...
- Cisco Releases Security Advisory for Secure Client
March 6, 2025
Cisco has released a security advisory to address a vulnerability in its Secure Client for Windows. Secure Client is Cisco’s endpoint virtual private network (VPN) solution. CVE-2025-20206 has a CVSSv3 score of 7.1 and if exploited could allow an authenticated, local attacker to achieve arbitrary code execution (ACE) on the affected machine with SYSTEM privileges via ...
- Unpacking a B2B Business Email Compromise (BEC) Scenario
March 5, 2025
When an organization is subject to a Business Email Compromise (BEC), a single email could result in substantial monetary losses. Threat actors employing such tactics could employ different techniques, ranging from simple to advanced, and have seen increased activities yearly. A recent investigation examined not a typical BEC scenario where a threat actor simply sends a ...

