CCTR.38.SEP.25

Monday morning cyber coffee read CCTR.38.SEP.25

Huntress published research after a threat actor accidentally installed its EDR trial, giving the company an unprecedented three-month window into the attacker’s daily tradecraft. The publication sparked debate across the cybersecurity community. Supporters praised the transparency and unique intelligence, while critics raised ethical concerns, questioning whether Huntress had crossed into intelligence collection or “hack back.”

In my view, Huntress made it clear the visibility came through standard EDR operations, and that their duty was to respond to threats and share lessons with the wider community. To me, that’s fair game.

Huntress post https://www.huntress.com/blog/rare-look-inside-attacker-operation

Debate https://www.theregister.com/2025/09/12/huntress_attacker_surveillance/

SAP released 25 new and updated Security Notes in its September 2025 Patch Day, including four HotNews advisories (CVSS 9.0–10.0) and four High Priority advisories (CVSS 7.0–8.9). Some of these may come in handy for your upcoming SAP penetration tests.

Regardless of whether an organisation uses SAP, it is critical to assess application security vulnerabilities promptly and integrate them into a structured patch management process. Patching the operating system alone is not enough, applications must also be updated to ensure they remain secure.

Onapsis https://onapsis.com/blog/sap-security-notes-september-2025-patch-day/

Fiji will release its National Cybersecurity Strategy 2025–2030 later this year, setting a vision for a cyber safe, secure, and resilient nation. The strategy will follow nationwide consultations and builds on lessons from Australia’s Cybersecurity Strategy.

Australia is working closely with Fiji to strengthen resilience, including joint work on the Laqatoi Declaration for a Pacific-wide cyber plan and co-authoring positions at the UN Open-Ended Working Group (UNOEWG) on ICT security. Fiji has also joined the Budapest Convention on Cybercrime and will expand cooperation with Australia to combat cybercrime.

Exciting times ahead. Organisations in Fiji should begin preparing now to align with the forthcoming National Cybersecurity Strategy.

https://www.fijitimes.com.fj/kamikamica-cyber-safety-policy-soon

PreviousCCTR.39.SEP.25 NextCCTR.37.SEP.25

Last updated 2 months ago