Cybersecurity Weekly Update: 22-27 October 2025

  • Writer: SOC Team
  • 8 hours ago

1. High-severity Windows SMB flaw now actively exploited

A high-severity vulnerability in the Microsoft Windows Server Message Block (SMB) protocol, tracked as CVE-2025-33073 (CVSS 8.8), is now listed in the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities catalog. (TechRadar)


Why it matters: Many organisations (including those in finance and healthcare) still run older Windows 10/11 or Server versions. Exposed SMB services can allow an attacker to coerce a system into connecting to a malicious SMB server, which can lead to system-level access if the system is unpatched.


Action: Immediately verify that all Windows systems are patched with the June 2025 (or later) Patch Tuesday fix; limit SMB exposure to untrusted networks and monitor for unusual SMB traffic.
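
One way to act on the "monitor for unusual SMB traffic" step, as an added example that is not part of the original post: flag SMB connections that start inside a trusted network and leave it, since a coerced connection to an external SMB server shows up this way. The CSV log layout, the `TRUSTED_NETS` ranges and the sample records are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Assumption: networks treated as trusted for SMB; adjust to your environment.
TRUSTED_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SMB_PORTS = {445, 139}

# Constructed sample flow records: timestamp,src_ip,dst_ip,dst_port,action
SAMPLE_LOG = """\
2025-10-24T09:01:12Z,10.1.4.23,10.1.0.5,445,allow
2025-10-24T09:01:40Z,10.1.4.23,203.0.113.77,445,allow
2025-10-24T09:02:03Z,10.1.7.88,198.51.100.9,443,allow
2025-10-24T09:02:31Z,10.1.9.14,203.0.113.77,445,deny
2025-10-24T09:03:10Z,10.1.4.23,203.0.113.77,139,allow
malformed line without enough fields
"""

def is_trusted(ip):
    return any(ip in net for net in TRUSTED_NETS)

def find_untrusted_smb(log_text):
    """Return {src_ip: [(timestamp, dst_ip, port, action), ...]} for SMB
    connections from a trusted source to a destination outside TRUSTED_NETS."""
    hits = defaultdict(list)
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 5:
            continue  # skip malformed records instead of aborting the scan
        ts, src, dst, port, action = (field.strip() for field in row)
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port_no = int(port)
        except ValueError:
            continue
        # Denied attempts are kept: the host still tried to reach an outside SMB server.
        if port_no in SMB_PORTS and is_trusted(src_ip) and not is_trusted(dst_ip):
            hits[src].append((ts, dst, port_no, action))
    return dict(hits)

if __name__ == "__main__":
    for src, events in sorted(find_untrusted_smb(SAMPLE_LOG).items()):
        allowed = sum(1 for e in events if e[3] == "allow")
        print(f"{src}: {len(events)} outbound SMB attempt(s), {allowed} allowed")
        for ts, dst, port, action in events:
            print(f"  {ts} -> {dst}:{port} [{action}]")
```

Hosts with allowed outbound SMB are the first to check for patch status; denied attempts show where egress filtering is already working.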


2. UK’s National Cyber Security Centre (NCSC) issues stark warning – “four nationally significant attacks each week”

The UK’s NCSC released its Annual Review 2025: it dealt with 204 “nationally significant” cyber-incidents in the 12 months to August 2025 (up from 89 the year before) and 429 incidents overall. That equates to about four major incidents a week. (The European)


Why it matters: For organisations this underscores that the threat level is not only rising, but increasingly affecting critical services, infrastructure and broad-based supply chains.


Action: Ensure board-level involvement in cyber-resilience, validate that incident-response plans reflect the possibility of severe disruption, and review supply-chain exposures.


3. The costliest cyber-event in UK history: Jaguar Land Rover attack estimated at £1.9 billion

A major cyber-attack on Jaguar Land Rover (JLR), which caused prolonged internal systems and production outages, is estimated to have cost the UK at least £1.9 billion. (Financial Times)


Why it matters: This incident demonstrates that cyber incidents are no longer purely data theft—they can cause sustained operational/production disruption with multi-billion-dollar consequences. Defence, manufacturing, automotive suppliers and education institutions need to treat cyber risk as operational risk.


Action: Review business-continuity plans: what happens if core systems are unavailable for weeks? Conduct tabletop exercises covering “IT systems down” across the business, not just IT teams.


4. Key recommendations for this week

  • Patch immediately: Focus on the SMB vulnerability (CVE-2025-33073) and ensure all Windows systems are up to date; segment SMB-exposed services.

  • Third-party / supply-chain risk: The NCSC review and the JLR incident both stress the supplier angle—ensure your vendor audits, SLAs and supplier cyber-posture are up to date.

  • Board & executive awareness: With threats rising, cyber-resilience must be a board-level concern. Make sure your leadership understands the business-impact stakes.

  • Operational resilience, not just IT defence: Prepare for scenarios where systems are unavailable for extended periods. Robust backups, offline plans, and a recovery framework are key.

