Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

JUMPSEC have detected and tracked a new phishing attack campaign targeting numerous industrial sector organisations, predominately in engineering, construction, and energy sectors in the UK and US, where threat actors have consistently used a common and identifiable AITM (Adversary in the Middle) phishing kit throughout March 2025. At-risk organisations should take steps to reduce the risk of compromise as the infrastructure detailed below continues to be leveraged by threat actors.

A recent joint threat advisory from the FBI, CNMF, NSA (18 September 2024), highlights the extent of Chinese-affiliated threat actors’ ongoing botnet campaigns which seek to compromise thousands of internet-connected edge devices over a sustained period. This campaign, known as Oriole, is just one of several such active campaigns observed since 2020. JUMPSEC observations indicate that law enforcement has not yet disrupted the botnet, and indicators of compromise (IOCs) are likely ongoing.

Supply chain attacks are a growing concern, particularly within the financial sector, with attackers increasingly using key technology suppliers as a ‘jumpbox’ to pivot into their intended target organisation. Last year’s MOVEit breach for instance saw a single ICT supplier ultimately cause ~2,356 organisations to be compromised, with primary victims predominantly in the financial sector.

As cyber threats evolve, the importance of attack surface monitoring has never been clearer. In today’s interconnected world, businesses face an unprecedented level of exposure. From web applications and cloud infrastructure to employee credentials and third-party SaaS integrations, your digital footprint offers numerous entry points for potential attackers.

The ability to manage and monitor your attack surface is no longer a luxury—it’s a necessity. The rapid expansion of networks, coupled with the shift to cloud computing and remote work, has created a vast and ever-changing attack surface that requires constant vigilance. This article delves into the most effective attack surface management tools and techniques, offering insights into how they can bolster your cyber security posture and safeguard your organisation against evolving threats.

In today’s interconnected world, cyber threats continue to evolve at a rapid pace. As businesses grow more reliant on digital systems and services, the cyber security attack surface—the totality of an organisation’s digital exposure—has expanded, increasing the risks faced by security teams. The complex nature of these threats calls for a more adaptive and responsive approach to security, particularly in identifying and mitigating vulnerabilities before they can be exploited.

There is a pressing need to protect an organisation’s digital assets against cyber attacks and it has never been more critical. The increasing complexity and dynamic nature of IT environments mean that traditional security measures often fall short. This has led to the emergence of new defensive approaches, such as attack surface management (ASM) that proactively safeguard against cyber threats.

In the dynamic field of cybersecurity, two essential practices stand out: Ethical Hacking and Vulnerability Assessment. Both play critical roles in safeguarding digital assets, yet they serve different purposes and employ distinct methodologies. Understanding the differences, their place in cybersecurity, and when to deploy each tactic is crucial for maintaining a robust security posture.