Latest Stories

Stay up-to-date with everything at Approach

Blog article

Weekly Digest Week 11 – 2025

Publication date

14.03.2025

Featured Story

Apple Patches WebKit Zero-Day Vulnerability

Apple released a security update to address a zero-day flaw (CVE-2025-24201) in the WebKit browser engine. The issue allowed attackers to craft malicious web content that could escape the Web Content sandbox. Apple fixed it with improved checks, noting it supplements protections from iOS 17.2.

SOC Analysis:
This vulnerability shows how shared components can lead to widespread risk. WebKit, used by Safari and other Apple services, makes regular patching essential. Even small flaws in core libraries can open the door to serious threats—underscoring the need for continuous updates and user awareness.

Other Stories

Switzerland Enforces 24-Hour Cyberattack Reporting

Switzerland’s National Cybersecurity Centre (NCSC) now mandates that cyberattacks on critical infrastructure must be reported within 24 hours. This aims to improve national responsiveness to escalating cyber threats.

SOC Analysis:
This move echoes the EU’s NIS2 directive, reinforcing the global shift toward rapid incident reporting. Organizations must bolster their monitoring systems and ensure they’re prepared to meet fast-moving regulatory demands. Early action = reduced impact.

Human Error Responsible for 95% of 2024 Data Breaches

Mimecast reports that 95% of last year’s breaches involved human error—primarily credential misuse, phishing, and insider threats. One notable case: the Change Healthcare ransomware attack started with a single compromised employee login.

SOC Analysis:
These numbers confirm what we see daily—people are often the weakest link. Ongoing training, awareness campaigns, and realistic phishing simulations help reduce human-driven risks. Tech is important, but educated users are essential.

Undocumented Commands Found in Popular Bluetooth Chip

The ESP32 chip (used in over 1 billion IoT devices) contains undocumented commands that can spoof devices, access data, and pivot through networks—posing massive supply chain risks.

SOC Analysis:
This discovery spotlights hidden threats in hardware. When inexpensive components lack transparency, they become prime targets. Businesses should evaluate vendors carefully and ensure regular firmware audits and security testing.

Beware: Fake Emails in Circulation on Behalf of De Watergroep

Fraudulent emails are being sent by cybercriminals impersonating De Watergroep, attempting to trick recipients with fake discount offers. These emails are convincingly crafted but do not originate from the official @dewatergroep.be domain. Users are urged not to click any links and to stay alert.

SOC Analysis:
Phishing scams continue to target Belgian citizens, this time using the name of De Watergroep to deceive recipients. We strongly advise against clicking any links in suspicious emails—always visit the official website directly. If you receive a suspicious message, forward it to suspicious@safeonweb.be. Your vigilance helps protect the wider community.

Want to enhance your organization’s cyber awareness or compliance strategy? Contact the Approach Cyber SOC team for tailored support and training programs.

OTHER STORIES

Contact us to learn more about our services and solutions

Our team will help you start your journey towards cyber serenity

Do you prefer to send us an email?