|
By Sean Moran
Vect is a newly observed RaaS operation that emerged in December of 2025, with affiliate recruitment and victim postings following shortly after in January 2026. Following the 19th of March 2026 Trivy/LiteLLM supply chain attack conducted by TeamPCP, in which ~340 GB uncompressed data was stolen, Vect announced on the dark web forum “Breached” that they would be partnering with TeamPCP.
|
By Sean Moran
This report documents a direct operational link between the exposed infrastructure of Iranian threat actor MuddyWater and TAG-150 CastleRAT malware – a modular malware-as-a-service (MaaS) platform developed by Russian-speaking cybercriminals.
|
By Jack Lewis
ALBIRIOX is an Android-focused Remote Access Trojan (RAT) with the potential to impact organisations operating cloud/SaaS environments where employees access corporate resources and files from personal mobile devices.
|
By Daniel Tannenbaum
The cost of hiring an outsourced cyber security company can start from as little as £500 per month, or £10,000 or higher for large companies. For global multi nationals, it wouldn’t be unreasonable to spend millions on cyber security and to protect yourself against an attack of data breach. Companies have the option to use ongoing monthly services to detect potential threats, or the opportunity to do one-off tests to check for vulnerabilities such as penetration testing or red teaming.
|
By Daniel Tannenbaum
AI attacks pose real risks for companies because of their ability to scale and automate attacks like brute force attacks, smarter malware, deep fakes and advanced phishing. Attacks that were once slow, manual and easy to spot are now becoming faster, more sophisticated and harder to detect. UK government research shows that 32% of UK businesses have experienced a cyber attack in the last year, and experts warn that AI could make this number rise significantly.
|
By Daniel Tannenbaum
Outsourcing cyber security is becoming increasingly common for UK organisations of all sizes. With cyber threats growing every year, many businesses simply do not have the in-house resources, staff, or specialist skills to stay protected. Recent UK government data shows that 48% of small businesses experienced a cyber breach in the last 12 months, and over 70% of companies say they lack the internal expertise needed to manage cyber risks effectively.
|
By Sean Moran
As Jaguar Land Rover (JLR) announces a return to operations after a six-week disruption, a lengthier, less publicised UK-based cyber-attack recovery remains unresolved. Perhaps the relative quiet is because Colt Technology Services, a critical connectivity and trading network serving major banks and stock exchanges in ~30 countries, is not a household name like JLR, Co-Op, or M&S. Or perhaps it’s because the narrative doesn’t fit the now-expected Scattered Spider storyline.
|
By Donna Stobart-Hook
The UK will ban public bodies from paying ransoms and introduce new reporting rules for ransomware incidents. Public sector organisations must prepare to recover without paying. Private firms must notify the government if they plan to pay. Attackers may shift focus to private targets and use data leaks over encryption. Organisations need better visibility, response readiness, and tested recovery plans. Payment is no longer a fallback.
|
By [email protected]
In many organisations, the security operations centre (SOC) is overwhelmed. The volume of alerts coming from tools like Sentinel, Defender for Endpoint, and Cloud Apps is high—and growing. Spending more time triaging noise than they are stopping real threats, does this sound familiar? This isn’t about analyst headcount or tool choice. It’s about architecture.
|
By [email protected]
Cyber teams are busy. Tools are deployed. Alerts are flowing. Dashboards light up with scores, heatmaps, and recommendations. But when I ask one simple question — “What does this mean for the business?” – I often get technical jargon or vague reassurances. That’s a problem. When cyber risk isn’t expressed in terms the business understands — continuity, customer trust, regulatory exposure, and revenue impact — it becomes abstract.
|
By JUMPSEC
Eagle Eye, CEO Steve Rothwell explains how the JUMPSEC Continuous Attack Surface Management (CASM) service supports their organisation.
|
By JUMPSEC
Matt Lawrence, Director of Cyber Security Operations, shared his insights on why cyber prevention is table stakes. Why cyber resilience is the goal. What happens after an attacker gets in?How do we limit the blast radius?Can we continue to operate even during a breach? Why and how you need to build cyber resilience against modern cyber threats.
|
By JUMPSEC
JUMPSEC explains how CASM -continuous attack surface management adds another layer of intelligence. CASM continuously monitors dark web forums, illicit marketplaces, and underground communities where threat actors discuss vulnerabilities, trade stolen credentials, and plan their next attacks. Uncovering early warning signs that traditional tools miss.
|
By JUMPSEC
Our CEO explains why we have launched Continuous Attack Surface Management and how it will alert you to vulnerabilities before attacks.
|
By JUMPSEC
Head of CASM Bjoern Schwabe explains what is Continuous Attack Surface Management, and how is it different to traditional Attack Surface Management.
|
By JUMPSEC
The JUMSPEC Detection and Response Team talk about their journey with Microsoft Sentinel. Based on experiences taking this approach on with clients, the challenges they have faced and the solutions they pushed to address them.
|
By JUMPSEC
Inside Continuous Attack Surface Management - Bjoern Schwabe - Head of CASM, explains how we navigate data complexities, filter crucial insights and only true positives to secure your digital footprint. Through real-world examples, bridging the gap between technical intricacies and managerial understanding, gaining clarity on the vital role CASM plays in cybersecurity.
|
By JUMPSEC
A red teamer’s forecast – Cloudy with a chance of hacks Our adversarial simulation team will outline how attackers exploit cloud infrastructure and offer strategies to counter their efforts. Key insights involve recognising significant security risks in cloud adoption, including emerging attack vectors, comprehending hacker tactics in cloud settings, and swiftly implementing effective measures to safeguard cloud environments.
|
By JUMPSEC
Ransomware Update An insight into ransomware actor’s changing approaches focus on the issues and developments that matter most.
- April 2026 (2)
- March 2026 (1)
- November 2025 (3)
- October 2025 (1)
- August 2025 (6)
- July 2025 (3)
- June 2025 (3)
- April 2025 (1)
- February 2025 (1)
- October 2024 (3)
- September 2024 (5)
- August 2024 (3)
- July 2024 (2)
- June 2024 (4)
- March 2024 (1)
- February 2024 (1)
- January 2024 (6)
- November 2023 (1)
- October 2023 (2)
- August 2023 (1)
- June 2023 (1)
- May 2023 (1)
- April 2023 (2)
- March 2023 (1)
- January 2023 (3)
- December 2022 (2)
- November 2022 (3)
- October 2022 (1)
- September 2022 (1)
- August 2022 (6)
- February 2022 (2)
- November 2021 (1)
- September 2021 (1)
- August 2021 (1)
- July 2021 (1)
- May 2021 (2)
- April 2021 (1)
- March 2021 (1)
- September 2020 (1)
- May 2020 (5)
- February 2020 (1)
- January 2020 (4)
JUMPSEC’s mission is to change the way the organisations deal with security and enable organisations to use the security they have invested in to the fullest. Incrementally improving organisations cyber security protection year on year.
We offer a range of defined cyber security solutions to enable our clients to secure against cyber threats, and specialise in applying our broad cyber security capabilities to design and deliver custom projects and innovative solutions. The list below isn’t exhaustive and we regularly combine elements (and add new ones) to create custom solutions, solving unique challenges and realising specific outcomes for our clients.
Future proof your cyber defences and realise genuine improvement over time with offensive, defensive, and strategic cyber security solutions, delivering the outcomes you need by combating the threats you face.
- Offensive: Replicating real-world cyber threats, leveraging current threat intelligence to accurately and authentically simulate adversarial tactics, techniques and procedures.
- Defensive: Configuring, implementing, and tuning controls to build resilient network defences, high-fidelity detection, and effective response to combat even the most advanced attackers.
- Strategic: Applying best practices, policies, frameworks and standards to create effective cyber transformation programmes, balancing risk reduction with the cost of change.
Future proof your cyber defences and realise genuine improvement over time.