#NSBCS.115 - What Your Organisation Reveals Online Without Realising It
What if an attacker could map your company’s key people, technologies and projects without ever accessing your systems?
Attackers often start with information that is readily available online. Using OSINT techniques, they can build a clearer picture of an organisation before launching an attack.
Your public footprint across LinkedIn, company websites, press releases and event announcements can be used for reconnaissance. Understanding what is publicly available helps organisations see their exposure and take simple steps to reduce unnecessary risk.
Leadership announcements or team promotions on LinkedIn can reveal who holds key roles in an organisation. Job advertisements may indicate technologies in use or highlight upcoming projects. Event promotions, conference attendance, partnerships and vendor announcements can provide insight into operational priorities or initiatives. Public communications such as emails and newsletters can also reveal writing tone and style that attackers may attempt to replicate. Each piece of publicly available information can be connected to build a broader picture of an organisation’s structure and focus.
Organisations can take simple steps to manage their public information exposure. Periodically reviewing what is publicly available, coordinating across teams before publishing sensitive details, and providing general awareness training for employees can all help reduce unnecessary risk. This is not about restricting communication or promotion, but about understanding what information is visible and making informed choices.
By being aware of what is publicly accessible, organisations can strengthen their overall security posture while continuing to engage audiences, share achievements and promote their brand confidently.
For more on OSINT and how public information can be used in cyber security, see our blog post OSINT – Friend or Foe?
White House Releases New National Cyber Strategy and Executive Order to Combat Cybercrime - The US Administration has unveiled "President Trump's Cyber Strategy for America" alongside an Executive Order aimed at tackling cybercrime, fraud, and predatory schemes targeting Americans, including ransomware, malware, phishing, financial fraud, sextortion, and impersonation often linked to Transnational Criminal Organisations. The strategy emphasises six pillars: shaping adversary behaviour through defensive and offensive operations, promoting common-sense regulation to ease burdens, modernising federal networks with zero-trust and AI defences, securing critical infrastructure like energy and healthcare, sustaining superiority in technologies such as AI and quantum computing, and building cyber talent pipelines. The Executive Order directs interagency plans to disrupt criminal networks, enhance public-private engagement, prioritise prosecutions, support local partners, establish victim restoration programmes, and engage internationally with potential sanctions on non-cooperative nations. This follows prior actions like Treasury designations of scam networks, highlighting a shift towards private sector involvement in threat disruption.
Chinese Hackers Suspected in Breach of FBI Surveillance Network - US investigators suspect hackers affiliated with the Chinese government accessed an unclassified FBI network containing surveillance data on criminal suspects, including call details, IP addresses, and routing information but not communication contents. Detected last month, the breach's scope remains under early investigation, with notifications sent to Congress. It may involve the Salt Typhoon group, linked to Chinese intelligence, which previously compromised US wiretap systems and targeted over 80 countries, accessing unencrypted data of high-value individuals like President Trump. China denies involvement, accusing the US of aggression. The incident underscores ongoing intrusions into law-enforcement systems, with potential persistence of vulnerabilities despite efforts to address them.
Iran-Linked MuddyWater Deploys Dindoor Malware Against US Organisations - The Iran-linked APT group MuddyWater, associated with Iran's Ministry of Intelligence and Security, has targeted US organisations including a bank, airport, nonprofits, and a defence and aerospace software supplier with ties to Israel, using previously unknown backdoors like Dindoor and Fakeset. Active since 2017, the group has expanded from Middle Eastern targets to Europe and North America, focusing on telecommunications, government IT, and oil sectors for espionage, disruption, and influence. In February 2026 operations, malware was signed with fraudulent certificates and hosted on cloud services, with attempts at data exfiltration via tools like Rclone. Risks include escalation to DDoS, defacements, leaks, and attacks on critical infrastructure in hostile nations like the US and Israel.
Major Healthcare Data Breach Exposes Records of 3.4 Million Patients - A breach at TriZetto Provider Solutions, a Cognizant unit supplying healthcare software and services, has exposed sensitive personal and health data of over 3.4 million individuals, with no ransomware claim reported yet. Affecting medical practices, health plans, and related operations, the incident highlights vulnerabilities in third-party providers handling vast patient and billing information. Implications include risks of fraud, identity theft, patient distress, and extensive legal, regulatory, and notification efforts in a sector reliant on trust. Healthcare entities are advised to map impacted data, review vendor access logs, monitor for identity abuse, and prepare for notifications while assessing vendor concentration.
Pentagon Issues Memo to Remove Anthropic AI from Key National Security Systems - An internal Pentagon memo mandates the removal of Anthropic's AI products from all Department of Defence systems within 180 days, citing unacceptable supply chain risks and exploitable vulnerabilities that could endanger warfighters. Signed by Chief Information Officer Kirsten Davies, it affects critical areas like nuclear weapons, ballistic missile defence, and cyber warfare, including contracts involving other firms using Anthropic tools. Exemptions require approved risk mitigation plans for mission-essential uses. The decision stems from disputes over Anthropic's restrictions on applications like mass surveillance or autonomous weapons, contrasting with the Pentagon's needs for unrestricted lawful use, such as in intelligence for the Iran conflict.
References
https://www.insideprivacy.com/u-s-national-cybersecurity-strategy/white-house-releases-new-national-cyber-strategy-and-executive-order/
https://www.itnews.com.au/news/us-suspects-china-in-breach-of-fbi-surveillance-network-624132
https://securityaffairs.com/189060/apt/iran-linked-muddywater-deploys-dindoor-malware-against-u-s-organizations.html
https://www.techradar.com/pro/security/trizetto-data-breach-health-tech-giant-reveals-personal-info-of-3-4-million-users-may-have-been-affected
https://www.cbsnews.com/news/pentagon-ai-anthropic-memo-remove-from-key-systems/

