News Roundups
Here you can access the latest 48hr Global News Roundups from DFM.
We scour the internet to find the latest stories relating to DFIR, Cyber Investigations, Major Cyber Incidents, Exploits & Threat Intelligence, Law Enforcement, Policy, and Standards & Compliance.
We also provide an Editorial Perspective and a Reference List for further reading.
NEWS ROUNDUP – 27th October 2025
Qilin ransomware tactics evolve, commercial spyware resurfaces, and municipal services face fresh extortion pressure. A Lanscope zero-day and BIND 9 risks demand swift patching, while Singapore tackles SIM-fraud networks on the ground. New supply-chain ransomware guidance and crypto-finance sanctions signal policy tightening. Plus, standards shifts in ICMPv6 and hashing preview changes coming to defensive stacks.
NEWS ROUNDUP – 24th October 2025
CISA issues new ICS advisories, Pwn2Own researchers reveal 34 zero-days, and Microsoft warns of AI-driven cyberattacks. Global investigations continue into SharePoint ToolShell exploitation and healthcare data breaches. Law enforcement seizes $14 billion in cryptocurrency, while NIST and ISO release new cybersecurity standards shaping compliance, risk management, and DFIR priorities for enterprises worldwide.
NEWS ROUNDUP – 22nd October 2025
Global DFIR highlights include 34 zero-days chained at Pwn2Own Ireland and active Oracle E-Business Suite exploitation confirmed by CISA. Microsoft detailed Blob Storage attack chains, while Muji and Verisure faced major breaches. UK police secured major online abuse convictions. NIST and the EU advanced supply-chain and cybersecurity certification initiatives, signalling rising compliance expectations.
NEWS ROUNDUP – 20th October 2025
Envoy Air and Prosper breaches dominate this 48-hour cycle, alongside China’s cyber-espionage allegations against the U.S. and new F5 patches issued after a major breach. GDPR enforcement, sanctions on scam networks, and NCSC’s annual review add regulatory weight. DFIR teams face converging challenges across extortion, compliance, and state-linked threat activity.
NEWS ROUNDUP – 17th October 2025
Microsoft dismantles Rhysida ransomware infrastructure and CISA issues 13 new ICS advisories, while breaches hit Sotheby’s and Malaysia’s Regency Hospital. California enforces a 30-day breach notification rule as ISO refreshes privacy standards. DFIR teams face renewed scrutiny of trust stores, industrial systems, and rapid-response readiness amid tightening global regulatory and law-enforcement actions.
NEWS ROUNDUP – 15th October 2025
Microsoft’s October Patch Tuesday, new CISA KEVs, and Oracle’s emergency ERP fixes headline a high-intensity 48-hour cycle. Law enforcement advanced with major crypto-fraud indictments and the UK ICO’s £14 million Capita fine. Global advisories from the NCSC and ISO refreshed defence and privacy standards, underscoring the convergence of regulatory accountability, ERP exploitation risk, and industrial system resilience.
NEWS ROUNDUP – 13th October 2025
Ransomware, data leaks, and zero-days dominated the past 48 hours. Qantas confirmed customer data was posted online, while Texas officials battled a municipal network breach. Healthcare ransomware rose 30%, and Apple doubled its top bug bounty. Germany’s rejection of EU “chat control” rules underscores encryption’s central role as DFIR teams confront escalating third-party and exploit risks.
NEWS ROUNDUP – 10th October 2025
A sweeping 48-hour snapshot reveals Oracle E-Business Suite exploitation driving global extortion, Discord’s vendor breach exposing 70,000 IDs, and new CISA KEV and ICS advisories. Law enforcement seized BreachForums’ latest domain, while Clearview AI lost a key UK tribunal case. ENISA’s 2025 threat report underscores accelerating vulnerability exploitation and ransomware persistence worldwide.
NEWS ROUNDUP – 8th October 2025
CISA expands its Known Exploited Vulnerabilities list as Microsoft investigates active GoAnywhere MFT attacks. Japan’s Asahi Group faces a ransomware claim, while UK police arrest teens behind the Kido Nurseries breach. New NCSC guidance urges observability and proactive threat hunting. Global DFIR teams should prioritise patching, token hygiene, and compliance readiness amid rising cross-sector intrusions.