News Roundups
Here you can access the latest 48hr Global News Roundups from DFM
We scour the internet to find the latest stories relating to:
DFIR, Cyber Investigations, Major Cyber Incidents, Exploits & Threat Intelligence, Law Enforcement, Policy, and Standards & Compliance
We also provide an Editorial Perspective and a Reference List for further reading.
Sign up now to get these emailed direct to your inbox.
NEWS ROUNDUP – 6th October 2025
Oracle E-Business Suite zero-day (CVE-2025-61882) is being actively exploited, prompting global CERT advisories and extortion attempts linked to Clop. Asahi resumes operations after a ransomware-driven week-long outage. CISA adds a Meteobridge flaw to KEV. Europol spotlights cross-border data access gaps, while ETSI and ISO open security conferences shaping future compliance standards.
NEWS ROUNDUP – 3rd October 2025
The past 48 hours saw Oracle customers targeted with extortion emails, Asahi shipments in Japan disrupted by ransomware, and CISA expanding its KEV list. DFIR teams investigated child data leaks and PHI exposures, while Dutch teens faced arrest for Europol spying. Policy updates span U.S. awareness campaigns, FCC reviews, and EU/UK compliance shifts.
NEWS ROUNDUP – 1st October 2025
The latest 48-hour roundup highlights global cyber risks and responses: CISA’s emergency directive on Cisco ASA, a U.S. government breach exposing FEMA and CBP staff data, and Google’s AI ransomware detection for Drive. Switzerland’s new 24-hour reporting rule sharpens compliance deadlines, while law enforcement in Singapore charged 15 over scam-linked mule networks.
NEWS ROUNDUP – 29th September 2025
Over the past 48 hours, DFIR teams faced active Cisco zero-day exploitation, evolving macOS XCSSET tactics, and BRICKSTORM espionage. Aviation operations suffered vendor software disruption; Harrods reported a third-party breach. INTERPOL announced 260 arrests targeting sextortion scams, and the NCA detained a UK suspect. CISA issued an emergency directive; NIST published compliance updates. Organisations should prioritise patching and secure-boot verification.
NEWS ROUNDUP – 24th September 2025
Airports across Europe faced major disruption after a third-party ransomware attack, while Jaguar Land Rover extended shutdowns from a cyber incident. Boyd Gaming also reported employee data theft. CISA flagged active Chrome zero-day exploitation, and SolarWinds issued a third patch for a critical flaw. Regulators tightened GDPR fines guidance, and UK police made an arrest.
NEWS ROUNDUP – 22 September 2025
In the last 48 hours, global cyber events highlighted vendor risk and operational fragility. European airports and Jaguar Land Rover faced major disruptions from supply-chain compromises, while schools in Texas and US agencies managed ransomware recoveries. Threat actors exploited WatchGuard Firebox flaws and posted new ransomware victims. Policymakers reinforced third-party accountability as investigations deepened.
NEWS ROUNDUP – 19th September 2025
Across the past 48 hours, DFIR teams tackled Uvalde CISD’s ransomware fallout and major healthcare disclosures, while Google patched an actively exploited Chrome zero-day. Law enforcement advanced cases tied to the TfL intrusion and broader critical-infrastructure attacks. Policy and standards moved too, with the UK’s Cyber Growth Action Plan and new NIST guidance on KEMs and TLS 1.3 visibility initiatives.
NEWS ROUNDUP – 17th September 2025
Global cyber events dominated the past 48 hours, with Jaguar Land Rover’s production shutdown, Kering’s customer data breach, and Vietnam’s credit bureau hack impacting millions. Apple rushed an emergency ImageIO patch, while CISA flagged eight new ICS advisories. Law enforcement cracked scams in Singapore and Mumbai, as ENISA and OFSI advanced compliance guidance.
NEWS ROUNDUP – 15th September 2025
Over the past 48 hours, ransomware shut down a Texas school district, Panama’s finance ministry faced a major breach claim, and a Samsung zero-day was patched after active exploitation. Global law enforcement made phishing and child-exploitation arrests, while NIST closed comments on its DevSecOps draft, shaping future compliance expectations.
Advertisements
