Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 26

In this weeks cybersecurity news, organisations across sectors, from education to enterprise tech, have been confronted with both new risks and regulatory shifts. In Ireland, the City of Dublin Education and Training Board faces a hefty €125,000 fine after failing to safeguard sensitive student grant data, while the country simultaneously launches a national cybersecurity framework inspired by NIST standards to boost organisational resilience. Meanwhile, vulnerabilities in popular technologies have raised alarm bells worldwide.

Vulnerability

Maximising Your Cybersecurity with the NCSC Cyber Improvement Grant

Organisations that have taken advantage of Enterprise Ireland’s Cyber Security Review Grant have gained a comprehensive assessment of their cybersecurity posture, identified key vulnerabilities, and received a clear roadmap to strengthen their cybersecurity measures. After benefiting from this initial review, your organisation can move forward with the Cyber Improvement Grant to implement these recommendations. With applications closing on July 31st, now is the perfect time to take this next step.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 25

This week’s roundup features a diverse range of threats, from the abuse of open-source hacking tools to innovative phishing tactics bypassing two-factor authentication. A staggering 16 billion login credentials have been exposed in what researchers are calling one of the largest data breaches in history, raising serious concerns about credential hygiene and the widespread use of infostealer malware. Ireland’s National Cyber Security Centre has issued a new warning on the growing threat of SMS pumping, while ransomware attacks continue to cause widespread disruption, with supply chain firm Chain IQ and NHS service provider Synnovis both falling victim—impacting data and delaying over 1,100 operations.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 24

This week in cybersecurity, Microsoft addressed 67 vulnerabilities, including a critical WebDAV zero-day currently being exploited in the wild. Meanwhile, Windows users face a new threat with the emergence of Myth, a Rust-based stealer malware capable of extracting sensitive information. In the enterprise space, over 20 configuration risks were uncovered across Salesforce Industry Cloud deployments, raising concerns about potential data exposure. On the global stage, INTERPOL has made significant progress by dismantling 20,000 malicious IP addresses tied to 69 different malware strains, in one of the largest cybercrime operations to date.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 23

This week’s developments highlight the growing complexity of the threat landscape, from long-exploited vulnerabilities in widely used platforms to new malware strains and critical infrastructure exposure. Among the key stories, Fortinet users are urged to take immediate action to patch a high-severity flaw, and researchers have uncovered a decade-old vulnerability in Roundcube Webmail still affecting systems today. Meanwhile, the Crocodilus Android trojan is spreading globally, and international authorities have successfully dismantled AVCheck, a tool used by cybercriminals to test malware evasion.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 22

This week’s major security stories highlight the growing scale, complexity, and diversity of modern attacks, spanning massive credential leaks, third-party supply chain risks, AI abuse, and cloud misconfigurations. A staggering data breach has exposed 184 million login credentials tied to major platforms like Google and Microsoft, while Adidas has confirmed a breach stemming from a compromised third-party service provider. Meanwhile, the ViciousTrap botnet is actively exploiting a Cisco vulnerability to hijack over 5,000 devices globally.