Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 34

Welcome to this week’s cybersecurity roundup, where we dive into the most pressing threats and vulnerabilities shaping the digital landscape. From a Critical Zero Day in Plesk Obsidian Allowing Admin Access to Attackers Hijacking Google’s Gemini AI via Malicious Google Calendar Invites, and the emergence of the Warlock Ransomware with Double Extortion Strategy, it’s been a busy period for security professionals. We’ll also examine how a Dutch Cyberattack Left Speed Cameras Inoperable and discuss why Weak Passwords and Compromised Accounts Remain Top Security Risks, according to the latest Blue Report.

Compliance

A 3 Step Resilience Plan Irish Credit Unions Need After the Central Banks IT Risk Review

The Central Bank of Ireland’s thematic review on IT risk was a direct and unambiguous call to action for the entire Irish Credit Union sector. With a hard 18-month deadline, the regulator has made it clear: the ultimate responsibility for IT risk, security, and resilience now rests squarely on the shoulders of the board. For many board members, who are committed volunteers from the local community, this presents a significant challenge.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 33

Week 33 of 2025 brought a series of high impact cybersecurity incidents and critical vulnerability disclosures, underscoring the ongoing pressure on organisations to maintain robust defences. Major vendors, including Zoom, Xerox and Microsoft, released urgent security updates addressing severe flaws, while Fortinet warned of a global brute force campaign targeting its SSL VPNs. On the threat actor front, ShinyHunters claimed responsibility for a significant breach of Salesforce CRM data at Google and Dutch authorities confirmed a cyberattack compromising the records of nearly half a million cancer patients.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 32

Week 32 of 2025 brought a wave of high impact security disclosures and emerging threats across enterprise, cloud and endpoint environments. From Google unmasking a vishing campaign targeting Salesforce users to SonicWall probing reports of a potential SSL VPN zero-day, the week underscored how trusted technologies are increasingly being exploited. Vulnerabilities in widely used platforms, including Trend Micro Apex One, Dell firmware, Microsoft Exchange and the Cursor AI editor, raised serious concerns about patching speed and persistent access risks.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 31

Week 31 of 2025 saw a series of significant cybersecurity events, highlighting the ongoing challenges facing digital infrastructure and security operations. Apple and Google both responded to active threats. Apple patched a critical WebKit zero day also affecting Chrome, while Google launched the open beta of DBSC to bolster browser security. Law enforcement scored a significant victory as arrests related to the notorious Scattered Spider group disrupted operations, though copycat actors remain a lingering threat.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 30

Week 30 of 2025 saw a surge in cybersecurity developments spanning policy, infrastructure vulnerabilities, advanced threat campaigns and law enforcement action. The UK took a firm stance on ransomware by introducing a public sector payment ban and mandatory reporting requirements, aiming to break the financial incentives behind these attacks. Meanwhile, a critical zero-day vulnerability in Microsoft SharePoint is being actively exploited, prompting urgent patching and mitigation efforts. Google unveiled its OSS Rebuild initiative to strengthen open-source software integrity and prevent supply chain tampering.