September 2025 Cybersecurity Roundup

European Airports Disrupted via Collins Aerospace Breach

What happened: 

On September 19, a cyberattack on Collins Aerospace’s vMUSE/MUSE platform disrupted check-in and boarding at major airports in London, Brussels, Berlin, Dublin, and more. Airlines reverted to manual processing, causing widespread delays and cancellations. The incident is being treated as a ransomware attack against a critical third-party system. (AP News)

How to protect your organization: 

  • Audit your vendor relationships: Identify all third-party platforms connected to your systems and verify their cybersecurity posture.
  • Segment critical systems: Prevent attackers from moving laterally across your network in the event a vendor is compromised.
  • Establish manual continuity plans to ensure critical operations can continue safely without reliance on automated systems.
  • Require certificate-based access control: Limit system connections only to verified, signed software and devices.

Why it matters: 

The attack highlighted the vulnerability of aviation operations to shared digital systems. By integrating SSL.com’s eSigner cloud signing service into software and operational workflows, organizations can ensure every update, script, or executable used in critical infrastructure is digitally signed, timestamped, and verifiably authentic. eSigner can help prevent unauthorized tampering of third-party or internal applications.



Jaguar Land Rover Cyberattack Halts Production

What happened: 

Jaguar Land Rover extended a production shutdown into late September after a cybersecurity incident disrupted operations across multiple factories. The ripple effects impacted suppliers and logistics, underscoring how ransomware is no longer just an IT issue but a significant operational threat. (Illumio)

How to protect your organization: 

  • Review business continuity strategies: Test how long your operations can sustain an outage and plan contingencies.
  • Isolate operational technology (OT) from IT networks: Prevent cross-contamination between production and corporate systems.
  • Deploy strong digital identity controls: Ensure only signed, authorized code runs in production systems.
  • Establish vendor trust frameworks: Require digital certificates for all third-party integrations.

Why it matters: 

As connected manufacturing systems grow more complex, identity-based trust between machines, sensors, and suppliers becomes essential. SSL.com’s IoT and PKI solutions include hosted Subordinate CA services, custom ACME-enabled certificate automation, and publicly trusted SSL/TLS certificates. These services help manufacturers secure device-to-cloud communications, authenticate endpoints, and maintain continuous operational trust even during disruptions.



Harrods Admits Customer Data Exposure via Third-Party Breach

What happened: 

Harrods announced that a third-party provider’s systems were breached, exposing approximately 430,000 customer records that contained names, contact details, and other identifiers (although no payment information was compromised). Harrods says its internal infrastructure was not breached and that the attack has since been contained. (TechRadar; The Guardian)

How to protect your organization: 

  • Conduct regular third-party risk assessments to review partners’ data handling and breach response procedures.
  • Encrypt sensitive data end-to-end: Ensure all stored and transmitted customer data is encrypted using modern TLS.
  • Implement S/MIME for secure communications: Protect email exchanges with encryption and digital signatures.
  • Educate staff about phishing risks: Social engineering often follows breaches.

Why it matters: 

This breach highlights how even trusted partners can become points of exposure that damage customer confidence. Business leaders should view third-party risk management as an extension of their own brand protection strategy. 

Establishing contractual security obligations for vendors, enforcing continuous compliance monitoring, and requiring independent audits can help reduce exposure from external systems. Transparency with affected customers and swift response coordination also play a key role in maintaining long-term trust after a breach.


Vietnam Investigates Attack on Creditors’ Credit Database

What happened: 

Vietnam’s National Credit Information Center (CIC) disclosed that its systems were attacked, possibly by the hacking group ShinyHunters, resulting in unauthorized access to personal and credit data. The full scope is still under investigation, but the agency affirmed that its core credit operations remain intact. (Reuters)

How to protect your organization: 

  • Encrypt sensitive data at rest and in transit: Ensure databases and APIs use strong encryption certificates.
  • Monitor for unauthorized access attempts: Set up alerts for anomalies in data access patterns.
  • Rotate and revoke compromised keys: Respond quickly to any potential certificate or credential exposure.
  • Conduct post-incident compliance checks: Align with ISO 27001 and PCI DSS where applicable.

Why it matters: 

This breach underscores the urgency for governments to strengthen data protection frameworks with verifiable digital identity and encryption. SSL.com’s Government PKI and Hosted CA Services offer a compliant and scalable infrastructure for agencies to issue, manage, and automate SSL/TLS certificates across critical systems, ensuring trusted communications, protecting citizen data, and meeting international cybersecurity standards.



Google Addresses Android Zero-Days In Security Update

What happened: 

The September Android security patch addressed 84 vulnerabilities, including two actively exploited zero-day flaws, one in the kernel and another in the Android Runtime. Users are urged to update immediately to mitigate risk from ongoing exploit chains. (Tom’s Guide)

How to protect your organization: 

  • Mandate regular software updates across devices, especially for BYOD or mobile workforce environments.
  • Restrict unverified app installations: Disable sideloading to minimize exposure to malicious apps.
  • Use certificate-based authentication: Ensure devices connecting to corporate systems are trusted and verified.
  • Monitor device compliance by leveraging mobile device management (MDM) integrated with digital certificates.

Why it matters: 

This incident reinforces how neglected patching policies can quietly become enterprise-wide risks. Leaders should treat timely updates as a governance issue (not just an IT task) by enforcing patch compliance across every device accessing corporate data. Regularly auditing mobile device security, establishing minimum supported OS versions, and including update performance in vendor and employee compliance metrics ensures that vulnerabilities are mitigated before attackers can exploit them.


Updates & Announcements

CA/Browser Forum (CABF) Developments & Reminders: 

  • S/MIME Developments: Ballot SMC011 proposes allowing European Unique Identifiers (EUID) for EU/EEA organization validation.

  • Key 2025 dates: CAA checking (mandatory since March 15), MPIC validation (May 15), and Legacy profile deprecation (July 15).

  • SSL/TLS Validity: The trend toward shorter certificate lifespans continues, reinforcing the importance of automation in certificate management. Learn more about how to prepare for 47-day certificate lifespans.

  • Purchase BIMI-compliant Verified Mark Certificates (VMCs). Available now in Gmail and soon in Apple Mail trust stores.

Important reminders: 

  • SSL.com MPIC full enforcement began on September 2, 2025, and industry-wide enforcement went into effect on September 15, 2025.

  • Since September 15, 2025, SSL.com has issued TLS server certificates without the Client Authentication EKU, aligning with Google Chrome’s Root Program Policy. Review our guide for Removal of the Client Authentication EKU from TLS Server Certificates.

  • Depending on when they were issued by SSL.com, the last of the soft format code signing certificates will expire before June 1, 2026. Replacements in PFX format will no longer be available after the expiration date. Per CA/Browser Forum rules, private keys must be stored in encrypted devices (e.g., tokens), on-site FIPS-compliant HSMs, or cloud-based HSM services. See our guide for details.
