London, UK
Aug 30, 2023   |  By Sean Moran
In the first half of 2023, UK ransomware attacks rose by 87% and by 37% globally. UK is the most targeted country outside the US and 20% of European ransomware attacks occur there. There has been increased exploitation of the financial services, insurance and IT sectors.
Jun 27, 2023   |  By John Fizpatrick
Among the range of data leak sites monitored by JUMPSEC, our attention has been drawn to a recent variant called “UnSafeLeaks”, due to its distinctively malicious and personalised approach, setting it apart from typical leak sites that focus primarily on explicit financial extortion. Perhaps more remarkably, a number of targeted organisations also appear to have previously been compromised by closely affiliated groups, suggesting the potential re-extortion of victim organisations.
Apr 24, 2023   |  By Miles
Having recently finished an extensive and eye-opening purple team engagement, I took some time to reflect on the sheer amount of ground that we had covered in just 6 short weeks.
Apr 23, 2023   |  By Miles
As Aviation, Maritime, Rail and Road transport organisations are reportedly experiencing increased levels of ransomware activity across Europe as per ENISA’s recent report, JUMPSEC analysts have combined the findings with JUMPSEC’s attacker reported data scraped from a variety of sources (including the dark web) providing further context to the risks currently posed to European transport organisations.
Mar 28, 2023   |  By Miles
This vector abuses Microsoft Direct Send service in order to propagate phishing emails from an external sender to an internal user, whilst spoofing the properties of a valid internal user. This “feature” has existed since before 2016. However, threat intelligence available to JUMPSEC has only observed it being abused recently.
Jan 19, 2023   |  By Miles
Matt Lawrence, Head of Defensive Security, and Dan Green, Head of Solutions, write about why compromise is inevitable – and the practical steps that organisations can take to build a security operating model capable of weathering the storm of cyber threats today.
Jan 19, 2023   |  By Miles
Matt Lawrence, Head of Defensive Security, and Dan Green, Head of Solutions, write about why compromise is inevitable – and the practical steps that organisations can take to build a security operating model capable of weathering the storm of cyber threats today.
Jan 6, 2023   |  By Miles
To cope with increasingly costly pay-outs, providers are redefining the terms of cyber insurance to reduce their exposure. The implications could spell myriad changes for the cyber security industry. Whatever the outcome, it’s time for organisations to re-evaluate whether their policy will cover them against the attacks they are most susceptible to.
Dec 15, 2022   |  By Miles
In a key bulletin published in August 2022, Tony Chaudhry, the Underwriting Director of Lloyds, addressed the risk posed by cyber security threats to the insurance industry, stating that “losses have the potential to greatly exceed what the insurance market is able to absorb”.
Dec 13, 2022   |  By Zhuoran Tan, Security Data Scientist
Deploying machine learning models in the cyber security industry is complicated - especially with budget and technology limitations. Especially when it comes to anomaly detection, there's been much debate over privacy, balance, budget, robustness, cloud security and reliable implementation. For cyber security companies using machine learning technologies, ensuring clients' safety with trustworthy artificial intelligence (AI) must always be the primary objective.
May 11, 2023   |  By JUMPSEC
Phishing attacks have adapted to improved cyber defences, with recent developments making these attacks as effective as ever. Max looks at why social engineering is being heavily used and what techniques are being used.
Aug 12, 2022   |  By JUMPSEC
Anatomy of an Incident, presented by Matt Lawrence, Head of Defensive Security Matt talks through his experience of high-profile cyber security incidents and the key lessons learned in terms of preparing to respond to a crisis.
Aug 11, 2022   |  By JUMPSEC
Benchmarking EDR/MDR Solutions presented by Tom Ellson, Head of Offensive Security We recently completed a review of a number of industry-recognised EDR and MDR solutions. This led us to take a novel approach that addresses many of the limitations and constraints typically met when undertaking this type of assessment. You will learn why context is key to threat detection, and how the different vendors performed in our realistic and representative environment against goal-focused attack paths.
Aug 11, 2022   |  By JUMPSEC
UK Threat Landscape Trends - Presented by John Fitzpatrick, CTO John Fitzpatrick reflects on the last six months, examining the key threats and trends we have observed affecting UK institutions. Specifically, we will delve into ransomware threat evolution, presenting and discussing. This will build upon our predictions made at the last briefing, reviewing how the landscape has changed, how our predictions fared, and how it has been influenced by major cyber security events and developments.
Aug 11, 2022   |  By JUMPSEC
Understanding Your “Attack Surface” presented by Max Garaffa Attackers can access a huge amount of open-source information about your organisation over the internet. You will learn how to locate this information, understand what is most dangerous, and what you can do to counter the threat. This intelligence can be used for both offence and defence, which we have explored in recent engagements for our clients.
Nov 10, 2021   |  By JUMPSEC
Meet JUMPSEC and the team at our recent team building event
Sep 24, 2020   |  By JUMPSEC
Our technical team give a demonstration and a walk through of the portal and how it can be used to help support your IT teams. With our JUMPSEC Managed Vulnerability Scanning Service.
May 19, 2020   |  By JUMPSEC
JUMPSEC Jargon Buster - What is a Zero Trust Network, Thom explains.
May 13, 2020   |  By JUMPSEC
To learn more about JUMPSEC'S services please get in touch.

JUMPSEC’s mission is to change the way the organisations deal with security and enable organisations to use the security they have invested in to the fullest. Incrementally improving organisations cyber security protection year on year.

We offer a range of defined cyber security solutions to enable our clients to secure against cyber threats, and specialise in applying our broad cyber security capabilities to design and deliver custom projects and innovative solutions. The list below isn’t exhaustive and we regularly combine elements (and add new ones) to create custom solutions, solving unique challenges and realising specific outcomes for our clients.

Future proof your cyber defences and realise genuine improvement over time with offensive, defensive, and strategic cyber security solutions, delivering the outcomes you need by combating the threats you face.

  • Offensive: Replicating real-world cyber threats, leveraging current threat intelligence to accurately and authentically simulate adversarial tactics, techniques and procedures.
  • Defensive: Configuring, implementing, and tuning controls to build resilient network defences, high-fidelity detection, and effective response to combat even the most advanced attackers.
  • Strategic: Applying best practices, policies, frameworks and standards to create effective cyber transformation programmes, balancing risk reduction with the cost of change.

Future proof your cyber defences and realise genuine improvement over time.