Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Invisible Threat: Rethinking OT Security for Clean Energy and National Infrastructure

A recent revelation of a Chinese-manufactured “kill switch” embedded in power inverters has reignited global conversations about cyber risk, supply chain vulnerabilities and geopolitical dependencies in the Operational Technology (OT) ecosystem.

June 16, 2025 Cyber Threat Intelligence Briefing

This week’s briefing covers: BruteForce Attack Against Apache TomCat Manager GreyNoise recently observed a coordinated spike in malicious activity against Apache Tomcat Manager interfaces. On June 5, 2025, GreyNoise registered well above baseline volumes, indicating a deliberate attempt to identify and access exposed Tomcat services at scale.

OT Security Lessons from the Trenches: Patterns and Pitfalls from BACS Assessments

The convergence of Building Automation and Control Systems (BACS) and smart building innovation within operational technology (OT) is helping to drive technological and environmental advances. However, it is also contributing to the emergence of significant security vulnerabilities and threats.

June 9, 2025 Cyber Threat Intelligence Briefing

This week’s briefing covers: Proof of Concept Exploit Released for CVE-2025-32756 Further to Kroll reporting in May regarding a critical zero-day vulnerability, CVE-2025-32756 in Fortinet, is now being actively exploited in the wild, with attackers using a crafted AuthHash cookie to gain control of affected systems.

June 2, 2025 Cyber Threat Intelligence Briefing

This week’s briefing covers: MATLAB dev confirms ransomware attack behind service outage MathWorks, the developer of the popular MATLAB numeric computing platform and the Simulink simulation, has disclosed it suffered a ransomware attack beginning on May 18, 2025. The attack impacted online applications used by customers as well as internal staff systems.

Known vs. Unknown Risks: The Role of the Enterprise Risk Retainer in Preparing for the Future

Preparing for risk is critical to ensuring organizational resilience, but what about the risks that can’t be planned for? Businesses frequently fall into the trap of strategizing only for known risks—those that are easily anticipated—while failing to recognize their blind spots in relation to unknown risk events.

May 27, 2025 Cyber Threat Intelligence Briefing

This week’s briefing covers: Joint Cybersecurity Advisory released on KTA007 (APT28) A joint advisory has been released warning of Russian-attributed threat actors targeting western logistics entities and technology companies since 2022. Microsoft leads global action to disrupt LUMMASTEALER Microsoft’s Digital Crimes Unit has recently seized and facilitated the takedown, suspension, and blocking of approximately 2,300 malicious domains that formed the backbone of LUMMASTEALER infrastructure.

May 19, 2025 Cyber Threat Intelligence Briefing

This week’s briefing covers: Coinbase Insider Threat Leads to Theft of Customer Data Coinbase has released a blog post and filed an SEC Form 8-K reporting an incident whereby they received an email attempting to extort the company for $20m. According to the post, the threat actors approached customer support staff and “used cash offers to convince a small group of insiders to copy data in our customer support tools”. Stolen data includes personal details including identity documents and account data include balance and transaction history.