Northwave Cyber Security

🚨 Threat Response update: Critical vulnerability in SonicOS  (CVE-2024-40766) Northwave's CERT has observed active exploitation of a critical SonicWall vulnerability in recent ransomware incidents with high impact. If you use affected Gen 6 or Gen 7 devices, immediate action is required. Read our full update for mitigation steps and recommendations:  https://lnkd.in/eHeDTMgP #CyberSecurity #ThreatResponse #SonicWall #NWCERT #IncidentResponse #VulnerabilityManagement

⚡ Your next data breach could result from good intentions Whether you have officially onboarded AI tools or not, the reality is that your workforce is using them. They’re summarising, translating, polishing copy and even coding–all with the best of intentions.  But when AI use doesn’t have ownership, clarity, and visibility, your organisation can easily face a data breach with costly consequences. In the first of our three-part blog series, Northwave Strategic Security Advisor, Michael Ivancic, MSc, CISM offers practical guidance for:   - Overcoming genAI “blind spots”  - Assessing your actual AI-related risks  - Taking your first steps towards effective AI governance 🔎 It’s time to stop guessing and start assessing. Read the article here: https://lnkd.in/eCpiBfci Contact us to find out how we can help your organisation take control of AI risks. #NorthwaveCyberSecurity #AIblindspots #AssessingAIrisks #CISOs

🚨 When a cyber incident hits, your words matter Today, we are sharing insights into communication during cyber incidents and crises. Drawing on both our own experience and insights from respected experts in the field. With our Northwave CERT, we experience firsthand how cyber incidents demand a multidisciplinary approach. That's why we have a wide range of expertise under one roof: • Forensic investigators • Recovery experts • Crisis managers • Negotiators • Mental impact advisors • Crisis communication specialists Learn how strategic crisis communication can turn chaos into leadership. This isn't theoretical guidance: it's the practical playbook you'll be happy to have read when something goes wrong. Don't wait until you're in the middle of chaos to learn what works. Respond with integrity and protect what counts: the trust of your people and partners. Because cyber incidents don't just test your systems: they test your values. Tag your communications department and download the guide now. Make sure your team has the roadmap ready when you need it most: https://lnkd.in/e_GgEQ3X

🌍 Just Released: Northwave’s 2025 Global Threat Landscape Report     How can you outpace cybercriminals? It starts with being informed.   Get a clear understanding of your current threats and risks, and how they are evolving, with our 2025 Global Threat Landscape Report.     🇪🇺 🔎 We’ve combined internal and external threat intelligence with real-world incident response experience for a sharp focus on Europe’s most important cyber threats. This report covers:  - Why nation-state threats now target organisations of all sizes, not just governments  - How ransomware tactics are shifting and what you can do to stay ahead  - Which supplier relationships pose the highest risks and how to manage them effectively  - And much more    From insights to actionable strategies–this free report is an essential resource for business resilience. 🔗 Download it here today: https://lnkd.in/euuqrEvw   #CyberSecurity #ThreatIntelligence #RiskManagement #CyberResilience #ThreatLandscape2025 

🚨 Update to Threat Response: Zero-Day Microsoft Sharepoint Vulnerability Yesterday we shared information about the zero-day Microsoft Sharepoint vulnerability CVE-2025-53770 that gives attackers remote code execution on on-premises internet-reachable SharePoint servers without requiring authentication. ℹ️ Here's what we know today:  Microsoft has now released emergency SharePoint security updates for the vulnerabilities CVE-2025-53770 and CVE-2025-53771.   The mitigations Microsoft has proposed for this issue have been the default since 2023. 🌐 In the Netherlands, the impact is limited because there are not many on-premises Sharepoint installations. However, for other European countries where on-prem Sharepoint is widely used, this could be a much more urgent issue. According to BleepingComputer, more than 50 organisations globally have been breached, including energy, AI, education, fintech, healthcare, and government entities.    Here you will find our new Threat Response, which details more about the vulnerabilities and the mitigating actions to take: https://lnkd.in/e3Svb4at  #NorthwaveCERT #ThreatResponse #Cybersecurity #IncidentResponse

Threat Response 🚨 Microsoft SharePoint Zero-Day Vulnerability Read full Threat Response here: https://lnkd.in/eyUfpr46

Threat Response 🚨 Exploitation of previous Citrix NetScaler vulnerabilities Read full Threat Response here: https://lnkd.in/eP7rA25u

🤖 Today is AI Appreciation Day! An annual moment to reflect on how Artificial Intelligence is reshaping our world and highlight important questions around technology, privacy, and ethics. While AI continues to stimulate progress, it's essential to give equal attention to privacy. These two areas are often seen as being at odds, with innovation on one side and caution on the other. But in practice, they need to be developed in tandem. Organizations that align AI capabilities with strong privacy frameworks are better positioned to build trust and reduce risk as they scale up. In the field, we see that AI-systems are only as good as the data they learn from. That data can often include sensitive personal information. Without strong privacy protections, the same technology that empowers us can also expose us. Yet, rather than being adversaries, AI and privacy can and should shake hands. Let's explore this balance clearly: 🤝 Three ways AI and privacy are shaking hands: ❗ Risk/Concern: Unreliable or biased data can lead to sensitive data exposure. ✅ Trend/Opportunity: Privacy-preserving AI techniques, like Federated Learning, allow AI to learn from decentralized data without compromising individual privacy. For instance, Google's Gboard uses Federated Learning to improve predictive typing without collecting personal messages. ❗ Risk/Concern: Fear of surveillance and loss of control over personal data. ✅ Trend/Opportunity: Differential Privacy adds mathematical 'noise' to datasets, protecting individual identities while enabling valuable insights. Recently, Apple's integration of differential privacy in their analytics showcases how user privacy can coexist with data-driven innovation. ❗Risk/Concern: Increasing complexity of AI systems makes privacy compliance challenging. ✅ Trend/Opportunity: AI itself helps solve privacy challenges by automating compliance with data protection regulations like the GDPR and by detecting cyber threats in real-time, proactively protecting sensitive information. When AI and privacy collaborate, innovation thrives responsibly. Let's support those working towards a future where technology not only empowers us but respects our fundamental right to privacy. AI Appreciation Day reminds us to appreciate AI not just for what it achieves, but for how it achieves it: ethically, responsibly, and transparently. #AI #AIApprecationDay #NorthwaveCyberSecurity 📷 AI: Chatgpt

🚢 How does the CISO of one of Europe’s busiest ports see the global threat landscape? And how does Northwave provide support? Ahead of the NATO summit in The Hague, we had a quick word with the CISO of the Port of Rotterdam Marijn van Schoote to discuss how rising geopolitical tensions are influencing cyber risk—and what it means for critical infrastructure. 🎥 Watch what he had to say in the following video. ‼️ If you want to read a detailed report on the current global threat landscape, follow the link in the comments to download our newest research, conducted and summarized by our experts in the brand new 2025 Global Threat Landscape report! #CyberSecurity #Geopolitics #CriticalInfrastructure #NATO #PortSecurity #ThreatLandscape #Rotterdam #CISOInsights

🚢 Cyber Security Conference 2025 | SS Rotterdam From the iconic decks of the ss Rotterdam, we brought together 160 clients for a day of knowledge-sharing and meaningful connection at our Cyber Security Conference 2025. Watch the aftermovie now and experience the energy that made this event so special. Some key highlights of the event: 🎤 Opening Keynote: The conference kicked off with an insightful keynote from a former Chief of Defense of The Netherlands, Peter van Uhm, discussing the importance of proactive defense mechanisms and a vital part of security: Trust (in oneself and your peers). 💬 Panel Discussions and Workshops: Our experts from various sectors engaged in thought-provoking discussions on topics such as the current cyber threat landscape, AI-driven security solutions, regulatory challenges, and the future challenges. Attendees participated in hands-on workshops covering areas like incident response, employee awareness, crisis readiness, leadership in cybersecurity, data protection in regards to AI and more. 🤝 Networking Opportunities: The event provided ample opportunities for our specialists to connect, exchange ideas, and collaborate with clients. A heartfelt thank you to everyone who joined us. Your trust and engagement are what drive us forward. Let’s keep building a safer digital society together. #CyberSecurityConference2025 #NorthwaveCyberSecurity #Aftermovie #SSRotterdam #ClientEvent #TrustIsTheKey