Security Report – 10 Jul 2026

IT resilience

Security Report – 10 Jul 2026

Data protection has always been the bedrock of IT resilience. However, in the era of increasingly frequent and sophisticated ransomware and data exfiltration attacks, backup alone no longer keeps organisations protected. Businesses today face all manners of threats to their data. Cybercriminals will encrypt data and withhold the decryption key until a ransom is paid. They will copy sensitive data and threaten to sell or publicly release it, creating pressure to pay even when recovery is possible. In addition to the data itself, they will target backup systems, user identities, applications, and anything that can cause a disruption or make recovery more difficult or impossible. In order to confront today’s cyberthreats, data protection must evolve into cyber resilience. IT, security, and business leaders must understand the difference between the two and what it takes to bridge the gap.

Recent Breaches

Japan – Aflac Japan – Insurance 

Exploit: Hacking

Risk to Business: Moderate: American insurance giant Aflac disclosed a data breach after attackers compromised its Japan subsidiary’s systems and stole the personal and bank account information of more than 4.38 million customers. Aflac, the largest supplemental insurance provider in the U.S. with millions of customers across the U.S. and Japan, said Aflac Japan discovered unauthorised access to certain systems on June 25. According to the company, the threat actors had access to the affected systems between June 15 and June 25. An investigation is ongoing, and Aflac has confirmed that sensitive information stored on those systems was accessed. According to Aflac Japan, the exposed information includes policy and coverage details, personal information and bank account information. The company emphasized that the incident was limited to its systems in Japan and that systems supporting its U.S. business were not accessed.

United States – Microsoft Defender – Technology 

Exploit: Zero-day vulnerability

Risk to Business: Moderate: A Microsoft Defender vulnerability known as BlueHammer is being exploited in ransomware attacks, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). BlueHammer is a privilege escalation vulnerability, tracked as CVE-2026-33825, that can be exploited by an authenticated attacker. The flaw was publicly disclosed on April 2, and Microsoft released a security patch on April 14. CISA added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on April 22 and has now updated the entry to confirm that it is being actively leveraged in ransomware campaigns. However, it remains unclear which ransomware group is exploiting CVE-2026-33825. There are currently no recent public reports providing additional details about the observed exploitation activity.

Talk to a TCT team member today about implementing Cyber resilience strategy plan for your business.

 

Robert Brown
10/7/2026

Related Articles:
Bad Onboarding Causes Messy Offboarding
M365 Settings Worth Checking