Security Report – 10 Oct 2025

Microsoft 365


Microsoft 365 has become an essential tool for businesses of all sizes. Its widespread adoption and deeply integrated suite of tools offer immense value not just to its users, but also to attackers looking to exploit them. They understand that one compromised account can open the doors to emails, documents, collaboration tools, calendars and sensitive business information. To threat actors, this means a huge payout potential. And they’re exploiting every possible entry point — from sophisticated phishing campaigns and OAuth app abuse to session token hijacking. The more integrated and vital M365 becomes to your business, the more attractive it becomes as a target for theirs. To better protect your Microsoft 365 accounts, you need a proactive defense strategy. Defending your organisation’s mission-critical Microsoft 365 accounts is possible with the right mix of strong policies, strict MFA enforcement and constant vigilance.

Recent Breaches

 

Japan – Asahi Group Holdings, Ltd. – Agriculture & Food

Exploit: Ransomware & Malware

Risk to Business: Moderate

Asahi Group Holdings, Ltd., one of Japan’s largest beverage companies, has confirmed that it was the victim of a ransomware attack. The company shared the update on October 3, about a week after disclosing the cyberattack, which forced it to suspend some domestic operations. During its ongoing investigation, Asahi discovered a potential unauthorised transfer of data from its systems. The company has not yet determined the nature or scope of the compromised information, nor has it disclosed whether the attackers issued a ransom demand.

United States – Cisco – Technology

Exploit: Third-Party Data Breach

Risk to Business: Moderate

Cybersecurity agencies worldwide, including CISA and the U.K. National Cyber Security Centre (NCSC), warned of an “advanced threat actor” actively targeting devices running Cisco’s Adaptive Security Appliance (ASA) firewall software. According to the agencies, the “widespread” campaign exploits zero-day vulnerabilities in Cisco devices, allowing attackers to run malicious code and deploy malware. Impacted equipment includes certain Cisco ASA 5500-X Series devices, which act as firewalls protecting corporate networks from intrusions. In a statement, Cisco analysts said they have “high confidence” the campaign is tied to ArcaneDoor — a state-sponsored threat actor the vendor first identified in 2024. In an emergency directive issued last Thursday, CISA ordered government cyber teams to locate all affected devices within just over one day, scan them for malicious activity and apply the security updates designed to patch the vulnerabilities.

Talk to a TCT team member today about implementing an IT strategy plan for your business.

Robert Brown
10/10/2025
