Research and Innovation OSINT Digest  251118

ABOUT:

  • This is a news digest of recent security incidents spanning the full spectrum of threats – cyber, physical, hybrid – to Higher Education Institutions (HEIs), research, and innovation.

  • The information is open source only and this digest is produced for information only.

  • An interactive map depicting historic incident data can be found here.

EXECUTIVE SUMMARY:

  • In October 2025, SECURED observed 24 security incidents affecting HEIs from open-source data, a 14.3% increase on September 2025. Of these incidents, 62.5% were cyber, 25.0% hybrid, and 12.5% physical.

  • October 2025 saw cyber events increase by 7.1% compared to September 2025 (from 14 to 15 incidents). October data highlighted how a single software vulnerability can trigger cascading incidents across multiple institutions globally, underlining the risks posed by shared technology dependencies. 

  • Incidents from October demonstrate continued Chinese Communist Party (CCP) interference in Western academia. These cases involved pressure on UK researchers working on politically sensitive topics and evidence of CCP-linked efforts to facilitate the transfer of intellectual property. 


At Tyburn St Raphael, we specialise in countering threats to cutting-edge research and innovation.

We are experts in providing travel security assessments and strengthening organisational security posture to protect intellectual property. 



TYBURN Recommendations:

Assess cyber resilience and recovery capabilities amid rising cyber threats

  • Cyber incidents in October have highlighted the downstream risks HEIs face after an incident, with malicious actors exploiting previous breaches to launch additional attacks and recovery protocols often failing under real-world conditions.  Institutions should prioritise a review of their incident response and recovery plans, with testing informed by current intelligence on threats. 

Assess cyber resilience of critical suppliers 

  • Cyber incidents in September highlighted how criminals are targeting vulnerabilities in critical IT applications to attack HEIs.  Institutions should prioritise assessments of their critical IT systems and incident response plans in the event of attacks on critical suppliers. 


Engage external experts to provide open-source intelligence on threats

  • Security risks are evolving as HEIs face increased targeting by state-level actors using hybrid threat vectors. The shifting geopolitical landscape is transforming previously low-risk partnerships into high-risk exposures. Commercial open-source monitoring capabilities can provide institutions with timely, actionable intelligence to support proactive decision-making and early risk mitigation. 


Incident data

Open-source data on security incidents with commentary

Rectory School - 01/10/2025 - US - Cyber

Event: Breachsense, a ransomware tracking site, reported that on 1 October 2025 Rectory School, a private boarding and day school in the US, experienced a data breach. The site identifies Qilin as the threat actor behind the attack. 143GB of data has allegedly been exfiltrated. Link 1

Comment: SECURED has been unable to verify the incident.

Mexico National Autonomous University - 01/10/2025 - Mexico - Hybrid

Event: The National Autonomous University of Mexico (UNAM) was forced to switch to online classes on 1 October, following the murder of a 16-year-old student on university campus and a series of threats made to university members. UNAM has reported a dozen threats to the Mexico City Prosecutor's office and highlighted that female professors had received gender-based threats via email and social media platforms. Link 1 Link 2 Link 3

Comment: Reporting indicates that UNAM has a history of gender-based violence. Following the murder of the student and threats to female university members, the institution has been targeted by mis- and disinformation campaigns, including false claims of bomb threats and violent groups intended to disrupt university operations. UNAM has issued guidance on safe social media use and established reporting mechanisms for online threats. This incident highlights the increasingly blurred line between digital harassment and physical threats, underlining the need for HEIs to proactively manage the digital exposure of researchers, staff, and students, and to strengthen associated security measures.

Kiel University Hospital - 01/10/2025 - Germany - Hybrid

Event: On 1 October 2025, German authorities reported multiple sightings of unidentified drones near critical infrastructure facilities in Schleswig-Holstein on 25 September. Among the sites observed was Kiel University Hospital, where a "group of drones" was observed operating in the vicinity. Additional locations included a power plant, a submarine construction site, and the state government building. Link 1 Link 2 Link 3 Link 4

Comment: Although the actors behind the drones have not been identified, this incident is likely part of a broader shift in hybrid tactics employed by adversarial states, particularly Russia or Russian state-sponsored actors, across Europe. The use of UAVs and other drones to enter foreign airspace reflects an evolving grey zone tactic used for espionage, intimidation, and operational disruption. Similar drone activity near major airports in Copenhagen, Berlin, and Brussels has caused airspace closures, demonstrating how low-cost, plausibly deniable tools can impose disproportionate security and economic impacts. These low-cost, plausibly deniable methods enable malicious actors to test defences, gather intelligence, and generate instability below the threshold of open conflict. Notably in this incident, drones seemingly conducted reconnaissance near Kiel University Hospital, indicating that critical infrastructure linked to HEIs is now considered a target of strategic interest. HEIs should therefore assess their exposure to hybrid threats and ensure that both physical and digital security measures account for this expanding risk surface.


Stanford University - 04/10/2025 - US - Physical

Event: On 4 October 2025, a grand jury in California indicted 11 students on federal charges of vandalism and trespassing. During pro-Palestinian protests in June 2024, the students occupied the office of the president of Stanford. The students were accused of causing USD300,000 worth of damage to the President's office and other campus property. Link 1 Link 2 Link 3

Comment: The timing of the charges also reflects growing federal and political pressure from the Trump administration, which has consistently sought to deter pro-Palestinian activism at US HEIs. For HEIs, this indicates an evolving security landscape where institutions must balance legal compliance, campus safety, and freedom of expression, while anticipating that politically charged protest activity may increasingly carry legal, reputational, and operational consequences. This incident underlines the security and financial risks presented by student protests, in which campus activism can escalate into property damage and political scrutiny. HEIs should strengthen situational awareness and proactive monitoring of protest dynamics, particularly when activism intersects with polarised geopolitical issues. This enables HEIs to proactively manage security risks presented by student protests.

Unnamed Chinese University - 06/10/2025 - Canada - Hybrid

Event: The trial for Yuesheng Wang, a Chinese national working in Canada, has been postponed. Wang is accused of passing intellectual property and other sensitive information from his employer, Hydro-Quebec, to an unnamed Chinese university and research centres in China. Canadian authorities charged Wang with economic espionage under Canada's Security of Information Act in November 2022, marking the first use case of the act. Link 1 Link 2 Link 3

Comment: Wang worked in a specialised centre at Hydro-Quebec that developed technology for electric vehicles and energy storage systems. Canadian authorities began investigating Wang in August 2022, and have since alleged that Wang promised to share Canadian technology secrets in applications to participate in China's Thousand Talents programme, a recruitment programme used by the Chinese Communist Party (CCP) to attract foreign-trained scientists to return to work in China. Credible reporting has demonstrated that intellectual property theft at HEIs is a key strategy used by the Chinese government to accelerate its technological and military development. This incident demonstrates the risks presented by cooperation with some Chinese HEIs, which have historically facilitated intellectual property transfer on behalf of the CCP.


Charlotte-Mecklenburg Schools - 07/10/2025 - US - Cyber

Event: Breachsense, a ransomware tracking site, reported that on 7 October 2025 Charlotte-Mecklenburg Schools, a public school district in the US, experienced a data breach. The site identifies Qilin as the threat actor behind the attack. Details of the attack remain unclear. 305GB of data has allegedly been exfiltrated. Link 1

Comment: SECURED has been unable to verify this incident.


Western Sydney University - 07/10/2025 - Australia - Cyber

Event: On 7 October 2025, students and graduates of Western Sydney University received fraudulent emails, with some alleging that they had been expelled from the institution or that their degrees had been revoked. The University stated that malicious actors had exploited data from a previous cyber breach in June 2025 to send the fraudulent emails. Australian authorities are working with the university to investigate the fraudulent emails. Link 1 Link 2 Link 3

Comment: SECURED has observed at least three data breaches affecting Western Sydney University since 2024. Media reporting suggests the fraudulent emails were relatively sophisticated, designed to convincingly impersonate the institution and extract sensitive information. Victims described experiencing extreme stress and panic, highlighting the psychological pressure leveraged in such attacks. This incident illustrates the growing downstream risks HEIs face following cyber breaches: once data is exposed, malicious actors can repurpose it for further targeted attacks, amplifying reputational, financial, and operational harm. HEIs therefore need to assume that the impact of a cyber incident does not end at the point of breach and should invest in recovery and improvements in long-term resilience.

Multiple UK universities - 07/10/2025 - UK - Physical

Event: On 7 October 2025, students from multiple UK universities – including King's College London, London School of Economics, University College London, University of Edinburgh, and others – took part in an inter-university march to commemorate the second anniversary of the 7 October 2023 attacks. Protesters carried Palestine flags, chanted “from the river to the sea”, and assembled at or near university buildings. Link 1 Link 2 Link 3

Comment: Pro-Palestine protests continue to present security risks for HEIs, as they can lead to harm to faculty and students, property damage, reputational harm, and legal consequences. Geopolitical events continue to function as stimuli for student activism and HEIs should develop ongoing monitoring capabilities to develop situational awareness of events that elevate the risk of security incidents.


Glasgow University - 07/10/2025 - UK - Physical 

Event: On 7 October 2025, masked students at the University of Glasgow displayed a banner stating "Glory to Our Martyrs" during a protest held by the Glasgow University Justice for Palestine Society. The phrase "Al-Aqsa Flood" was used in the messaging, referencing Hamas's 7 October operation. University officials condemned the banner and stated that some students would face disciplinary measures. Link 1 Link 2 Link 3 Link 4 

Comment: This incident poses a significant risk for HEIs as the Office for Students (OfS) has previously demonstrated that it is prepared to sanction HEIs if they are deemed to have failed to protect freedom of speech, particularly in the context of pro-Palestinian protests. There is also a second-order risk of reputational damage to Glasgow University among US and other external collaborators. 


Massachusetts Bay Community College - 08/10/2025 - US - Cyber

Event: Multiple ransomware tracking sites reported that on 8 October 2025 Massachusetts Bay Community College (MBCC), a public community college in the US, experienced a data breach. The sites identify Qilin as the threat actor behind the attack. Details of the attack remain unclear. Link 1 Link 2

Comment: SECURED has been unable to verify this incident. 


Tabriz University - 09/10/2025 - Iran - Hybrid

Event: FrontLineDefenders reported on 9 October 2025 that Dr Abolfazl Ranjbari – an Iranian human rights activist, lawyer, and academic at Tabriz University – has been detained by Iranian authorities without trial for 5 months. In May 2025, Ranjbari was initially charged with propaganda against the state and later espionage for Azerbaijan after signing an open letter calling for the abolition of the Gasht-e Ershad, the Iranian ‘morality police’, in September 2022. Link 1 Link 2

Comment: Ranjbari's detention represents a unique case within a broader pattern of researcher detentions in 2025. Unlike cases such as Elizabeth Tsurkov, who was detained outside her home country, Ranjbari was arrested by Iranian authorities, yet subjected to similar coercive tactics seen in other state-led detentions, including repeated extensions of temporary custody as a form of psychological pressure. Iranian security forces accused Ranjbari of espionage for Azerbaijan, citing his participation in an academic conference in Baku in 2018 where he presented an analysis of the Iranian judiciary system. This case highlights how academic activity in volatile geopolitical contexts can be easily reframed as hostile or subversive by state actors. It highlights a persistent vulnerability for researchers working on politically sensitive topics, particularly when HEIs provide limited security training, risk guidance, or protective protocols for international engagement.


Uvalde Consolidated Independent School District - 10/10/2025 - US - Cyber

Event: Multiple ransomware tracking sites reported that on 10 October 2025 Uvalde Consolidated Independent School District (UCISD), a public education district in the US, experienced a data breach. The sites identify Qilin as the threat actor behind the attack. The cyber incident forced UCISD to stop teaching for one week due to the disruption. Link 1 Link 2 Link 3

Comment: UCISD reported that although there was a cyber incident affecting phones, air conditioning, security cameras, and other operational IT assets, there was no evidence of unauthorised compromise of school data. However, Qilin has claimed that it exfiltrated personal data of employees and students, posting images it claims are evidence on its data leak site. Although there are no reports of a ransom demand, Qilin's claims appear aimed at exerting pressure on the institution and generating reputational risk. The institution has likely already suffered reputational damage due to the operational disruption caused by the incident. 


Multiple US institutions - 12/10/2025 - US - Hybrid 

Event: A report by the Washington Examiner has allegedly uncovered that hardware developed by a Chinese company is still used in sensitive medical research funded by the US National Institutes of Health. Link 1 Link 2 Link 3

Comment: The report identifies United Imaging as a corporation with substantive ties to the Chinese Communist Party and the state-backed Chinese Academy of Sciences. In 2013, three United Imaging affiliates were charged with transferring sensitive information from US medical research labs to the Chinese Academy of Sciences in exchange for payments.  Despite wide reporting on the risks of using United Imaging hardware, the report demonstrates that many sensitive research projects in the US continue to use their products. This case highlights the risks associated with collaboration with Chinese research entities, which may be incentivised or coerced by state authorities to exfiltrate intellectual property and other sensitive information. Institutions that collaborate with high-risk Chinese partners may face reputational damage, legal scrutiny, and the loss of funding or partnerships from security-conscious stakeholders.


Emirates Private School Fujairah - 13/10/2025 - UAE - Cyber

Event: Breachsense, a ransomware tracking site, reported that on 13 October 2025 Emirates Private School Fujairah, a private school based in the UAE, experienced a data breach. Breachsense identifies BQTlock as the threat actor behind the attack. Details of the attack remain unclear. Link 1

Comment: SECURED has been unable to verify this incident. 


University of Haifa - 13/10/2025 - Israel - Cyber

Event: Breachsense, a ransomware tracking site, reported that on 13 October 2025 the University of Haifa, a public research university in Israel, experienced a data breach. Breachsense identifies Handala as the threat actor behind the attack. Details of the attack remain unclear.  Link 1 Link 2 Link 3

Comment: Handala is a pro-Palestinian hacktivist threat actor group which first emerged in 2023. While they officially present themselves as hacktivists, intelligence sourcing indicates that they have links to the Iranian state, as is the case with many anti-Israeli hacktivist groups. Handala focuses largely on Israeli entities. This incident is almost certainly politically motivated, as attacks on a prestigious HEI also apply psychological pressure to the Israeli government and population. As modern conflict evolves, HEIs are increasingly becoming proxy targets in broader geopolitical tensions.


North Stonington Public Schools - 14/10/2025 - US - Cyber

Event: Multiple ransomware tracking sites reported that on 16 October 2025 the North Stonington Public Schools, a public education district in the US, experienced a data breach. The sites identify Interlock as the threat actor behind the attack. North Stonington Public Schools confirmed the breach on 27 October, noting that breached data included names, dates of birth, addresses, health information, academic records, medical data, and other sensitive information. Interlock posted samples of breach data online and alleged that 3 TB was exfiltrated. Link 1 Link 2 Link 3

Comment: As of 17 November 2025, it is unclear how the attack unfolded, whether the school paid a ransom, and how many people were affected. Schools are increasingly attractive targets for cybercriminals due to their relatively low levels of cyber resilience and the vast amounts of sensitive data they hold. US schools are among the most common victims appearing in HEI cyber incidents. Schools must invest in baseline cyber hygiene measures and staff training, and adopt a culture of digital risk management. Without such reforms, educational institutions remain highly vulnerable to data breaches, operational disruptions, and reputational damage.


Harvard University - 14/10/2025 - US - Cyber

Event: Harvard University is investigating a data breach, after CL0P, a Russian-based threat actor group, claimed it was preparing to release sensitive information exfiltrated from the institution. Investigation suggested that the breach resulted from a vulnerability in the Oracle E-Business Suite, which affected multiple organisations and HEIs globally. The University notified 41 Massachusetts residents that their data had been exposed, including social security numbers and addresses. Link 1 Link 2 Link 3

Comment: Reporting indicates that Harvard University first became aware of the data breach when it was listed on CL0P's leak site. US and UK authorities confirmed reports from Mandiant that the incident was linked to the exploitation of the vulnerability tracked as CVE-2025-61882. Industry reporting indicates that CL0P has historically demanded seven- and eight-figure ransoms. This incident underlines the importance of ongoing monitoring to maintain situational awareness of the threat landscape and respond rapidly to evolving threats. It further reinforces the importance of assessing HEIs' dependence on, and vulnerabilities arising from, key digital assets, given that single vulnerabilities can lead to large-scale network compromise.


University of St. Thomas - 14/10/2025 - US - Cyber 

Event: A report by the Houston Chronicle has revealed that administrators at the University of St. Thomas may not have revealed the full extent of a September 2025 cyber breach to students or faculty. The report also claims to have shown that university administrators ignored concerns from their cybersecurity teams about changes to their IT providers. INC_RANSOM is alleged to have exfiltrated 1.8TB of data in September 2025 in a cyber incident that forced St. Thomas' servers offline. Link 1 Link 2 Link 3

Comment: The Houston Chronicle claims to have reviewed a portion of the material posted online by INC_RANSOM, suggesting that the September 2025 breach may be more extensive than initially disclosed, with exposed data including financial information and other sensitive records. This incident underlines the significant downstream risks for HEIs after a cyber incident. Uncertainty over whether the administration has fully disclosed the extent of the incident  may amplify reputational harm, eroding trust in the institution's ability to protect sensitive data. Delayed or incomplete reporting of breaches also exposes HEIs to potential liabilities, regulatory scrutiny, and compliance penalties. 


Kearney Public Schools - 16/10/2025 - US - Cyber

Event: Multiple ransomware tracking sites reported that on 16 October 2025 the Kearney Public Schools, a public education district in the US, experienced a data breach. The sites identify Interlock as the threat actor behind the attack. The school confirmed the breach in a letter to parents and staff on Facebook, outlining that exposed data included social security numbers, driver's licenses, and bank account information. Interlock alleged that it had exfiltrated 354GB of data. The school returned to normal operations shortly after the incident. Link 1  Link 2 Link 3

Comment: The school's official statement revealed that no ransom demand was received. It is possible that Interlock’s claim of responsibility is spurious. False claims are common, as malicious actors often seek to exploit confusion and pressure victims even when they are not responsible for the incident. The absence of a ransom demand raises questions about the threat actor's objectives, suggesting that their intent may not have been financial gain but rather disruption, data exfiltration, or reputation damage. 


University of the Witwatersrand - 17/10/2025 - South Africa - Cyber

Event: Multiple ransomware tracking sites reported that on 17 October 2025 the University of the Witwatersrand, a public research university in South Africa, experienced a data breach. The sites identify CL0P as the threat actor behind the attack. The university confirmed the cyber attack, reporting that its Oracle E-Business system was compromised in a "zero-day" event. Link 1 Link 2 Link 3 Link 4

Comment: Reporting indicates that the attack was part of a larger attack on the Oracle E-Business system that affected multiple organisations. The university was working with external cybersecurity experts to assess the extent of the attack, but has not reported which data has been compromised as of 17 November 2025. This incident highlights how a single vulnerable platform can expose sensitive data and disrupt operations. HEIs should routinely assess their reliance on key digital assets and improve resilience.


University of Bialystok - 22/10/2025 - Poland - Hybrid 

Event: The Supreme Court of Poland has upheld the conviction of a Belarusian national sentenced to four years in prison for spying on behalf of Russian military intelligence. The Belarusian citizen exploited contacts developed while studying at the University of Bialystok and a Polish defence company to collect intelligence about Polish troop operations near the Belarusian border. Polish authorities initially arrested the Belarusian citizen in April 2022 and a Polish court sentenced them to 4 years in prison in February 2024. Link 1

Comment: This incident highlights the broader intelligence threat to universities. The incident underlines the importance for universities to implement robust personnel policies for staff and to consider security threats emerging from the student body. University of Bialystok has likely suffered reputational damage as a result of their connection with the detained Belarusian national. 


Doha British School - 27/10/2025 - Qatar - Cyber

Event: Multiple ransomware tracking sites reported that on 27 October 2025 Doha British School, an international British-curriculum school based in Qatar, experienced a data breach. The sites identify Qilin as the threat actor behind the attack. 481GB has allegedly been exfiltrated. Link 1 Link 2 Link 3

Comment: This incident highlights a broader vulnerability in the education sector: prestigious institutions are increasingly targeted due to high volumes of sensitive data and often limited cyber resilience. Institutions like Doha British School, with affluent communities and valuable financial and personal records, face heightened pressure from stakeholders in the event of a breach. Without robust cyber hygiene, staff training, and a culture of digital risk management, schools remain exposed to data exfiltration, operational disruption, and reputational damage.


Bellflower Unified School District - 29/10/2025 - US - Cyber

Event: Multiple ransomware tracking sites reported that on 29 October 2025 Bellflower Unified School District, a general education district based in California, experienced a data breach. The sites identify Rhysida as the threat actor behind the attack. Details about the incident remain unclear. Link 1 Link 2

Comment: SECURED has been unable to verify this incident.


Clackamas Community College - 30/10/2025 - US - Cyber

Event: Multiple ransomware tracking sites reported that on 30 October 2025 Clackamas Community College, a public community college in the US, experienced a data breach. The sites identify Medusa as the threat actor behind the attack. 1.21TB of data has allegedly been exfiltrated.  Link 1 Link 2

Comment: SECURED has been unable to verify this incident.


Security briefs

Analysis and assessment of ongoing security issues

Chinese state interference in UK academic research

Description: A BBC report outlined how Chinese state pressure interfered with and de facto censored Laura Murphy’s research into forced labour of Uyghur Muslims in Xinjiang at Sheffield Hallam University in 2024 [LINK, LINK, LINK].

Assessment: Chinese influence and information operations have consistently targeted Western academia as a vehicle to influence wider Western societies and repress research on topics sensitive to the CCP [LINK]. As evident in the case of Sheffield Hallam University [LINK], Chinese officials use threats and intimidation to pressure institutions, exploiting UK universities’ financial reliance on Chinese partnerships to interfere with academic activity. Although Sheffield Hallam University has since apologised to Murphy and reinstated her research, such incidents are highly likely to persist in the medium term and have prompted further investigation by the UK Foreign Affairs Select Committee into Chinese interference in UK academia [LINK, LINK].


Growing US legislative pressure to curtail Chinese access to US academia and biotech

Description: The US Congress is currently debating two laws that would restrict US researchers' collaboration with Chinese researchers and prevent US citizens’ genetics and health data from being acquired by Chinese biotech companies [LINK, LINK].

Assessment: The Securing American Funding and Expertise from Adversarial Research Exploitation (SAFE) Act would prohibit funding to any US scientist who collaborates with anyone “affiliated with a hostile foreign entity”, defined as those of China, Russia, Iran, and North Korea, with a special focus on Chinese research partnerships [LINK]. The Biosecure Act would restrict federal funding to organisations with businesses identified as “companies of concern”, with a particular focus on Chinese biotech firms [LINK]. Under the Trump administration, US authorities have consistently sought to curtail Chinese influence and interference in US academia and research by restricting access for Chinese students and research partnerships. UK institutions receiving US federal funding are at risk of funding withdrawal if found to be collaborating with Chinese entities deemed as high-risk by the US.


UK Russell Group Universities device security in spotlight 

Description: A report by Parliament Street think tank revealed that UK Russell Group Universities reported the loss or theft of more than 670 laptops and other devices since June 2022 [LINK, LINK]. 

Assessment: The scale of device loss across Russell Group Universities highlights persistent weaknesses in HEI security, as stolen or misplaced devices risk data exposure and unauthorised access to HEIs’ systems. The number reported by the Russell Group Universities almost certainly underestimates the real figure, as countless other stolen or lost devices will have gone unreported. The trend reflects broader vulnerabilities in HEI security architectures, where decentralised IT environments and high device mobility increase the likelihood of compromise. Institutions receiving UK or international research funding may face regulatory and legal punishment if sensitive data is exposed.


Contact us

Secured is a UK-based organisation that provides strategic advisory services to organisations concerned about threats to the security of research, innovation, and investment.

Our security practitioners help entities secure their intellectual property, build operational and financial resilience, and cultivate a positive organisational security culture. 

We provide research on the national security implications of emerging technologies as part of our scientific and technical intelligence assessment capability. Recent examples include:

Secured is part of Tyburn St Raphael Ltd, a boutique security consultancy.

info@tyburn-str.com

hello@secured-research.com
