Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

centripetal

Does Higher Ed Mean Higher Risk? Why University Campuses Are Under Threat

Mar 26, 2025 By Lauren Farrell In Centripetal
Universities are built for openness, but that openness comes with a steep price. Higher education institutions face an average of 3,574 cyberattacks per week, the highest of any industry. With open networks, unmanaged devices, and critical research infrastructure, they have become a prime target for cybercriminals, nation-state actors, and ransomware groups.
Read Post
centripetal

Security Bulletin: Critical Vulnerabilities in Kubernetes Ingress NGINX Controller

Mar 26, 2025 By Lauren Farrell In Centripetal
CVE-2025-1974 is a critical remote code execution (RCE) vulnerability in Kubernetes’ Ingress-NGINX Controller that allows unauthenticated attackers with network access to inject arbitrary NGINX configuration directives, potentially leading to full cluster compromise. Ingress-NGINX is a software-only ingress controller provided by the Kubernetes project. Because of its versatility and ease of use, ingress-nginx is quite popular: it is deployed in over 40% of Kubernetes clusters.
Read Post
cyjax

Top 10 Threat Intelligence Jobs in the UK

Mar 25, 2025 By Shail Yadav In CYJAX
The global threat intelligence market size was valued at USD 5.80 billion in 2024. The market is projected to grow from USD 6.87 billion in 2025 to USD 24.05 billion by 2032, exhibiting a CAGR of 19.6% during the forecast period. This tremendous growth translates into an increase in both the supply and demand for skilled professionals in threat intelligence.
Read Post
centripetal

Security Bulletin: GitHub Action Supply Chain Attack - reviewdog/action-setup

Mar 25, 2025 By Lauren Farrell In Centripetal
On March 11, 2025, a supply chain attack targeting the widely used GitHub Action reviewdog/action-setup@v1, leading to the exposure of sensitive CI/CD secrets across multiple repositories. The attack was identified by Wiz Research, which determined that this compromise played a pivotal role in the tj-actions/changed-files incident (Wiz, 2025).
Read Post
centripetal

Enhancing Cybersecurity in Higher Education: A Shift-Left Approach

Mar 25, 2025 By John Owens In Centripetal
Securing a Higher Education Campus remains a significant challenge. There is a direct conflict between the open collaborative nature of our advanced institutes of learning and the perennial need to lock down all sources and targets of cyber threats. For example, in an EDUCAUSE survey, it identified cybersecurity as the number one IT issue for universities in 2024, reflecting the immense pressure on security teams.
Read Post
cyjax

Ultimate Guide: Leveraging Intelligence to Prevent Card Fraud

Mar 24, 2025 By Cymon In CYJAX
Card fraud is evolving—fast. With unauthorised payment card fraud surpassing £275 million in the first half of 2024, businesses face increasing financial and reputational risks. Fraudsters steal physical cards, breach databases, and exploit digital channels, making fraud a low-risk, high-reward crime. The consequences? Lost revenue, customer trust, and compliance fines, with the average UK data breach now costing £3.5 million.
Read Post

March 24, 2025 Cyber Threat Intelligence Briefing

Mar 24, 2025 By Kroll In Kroll
March 24, 2025 Cyber Threat Intelligence Briefing This week’s briefing covers: KTA134 (BLACKBASTA) Chats Suggests Help From Russian Officials Upon review of leaked chat logs, it appears that KTA248 (Oleg Nefedov, GG, Tramp, Kurva) was able to evade trial by eliciting the help of Russian government officials. Supply Chain Attack Leaks Secrets from GitHub A supply chain attack on the popular GitHub Action tj-actions/changed-files caused many repositories to leak their secrets over the weekend.
View Video
centripetal

Security Bulletin: QakBot/Qbot Malware

Mar 20, 2025 By Lauren Farrell In Centripetal
QakBot (also known as Qbot or Pinkslipbot) is a highly adaptive malware that has evolved over the past decade to evade security defenses. Initially developed as a banking trojan to steal financial data, it has since expanded its capabilities, employing advanced evasion techniques and a modular architecture to facilitate credential theft, lateral movement, and ransomware deployment.
Read Post
cyjax

Maximising the Value of Threat Intelligence

Mar 20, 2025 By Shail Yadav In CYJAX
To stay ahead of evolving cyber threats, it’s not just data that is needed—it is actionable intelligence. With the increasing complexity of attacks, regulatory pressures, and resource constraints, it’s essential to have a proactive approach to threat management. This whitepaper, Maximising the Value of Threat Intelligence, is a strategic, actionable guide tailored for CISOs and security teams.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.