๐ Your essential security briefing is here! This week, Matt Warner, Nick Dixon, and Jake Ouellette join Zoe Lindsey to break down critical developments in cybersecurity with practical context for busy IT and security teams. ๐
What We Cover This Week:ย
๐ Trend Micro patches 6 critical vulnerabilities (CVSS 9.8) in Apex Central and PolicyServer products - and how the deserialization method leveraged to exploit them works
๐ Over 80,000 Microsoft Entra ID accounts targeted using TeamFiltration - how this pen testing tool is being weaponized by attackersย
๐ NIST's new Zero Trust Implementation Guide - less conceptual introductions, with better focus on practical implementation
๐Latest World Economic Forum report shows smaller organizations feel they are approaching cybersecurity breaking point - the panel talks how to get strategic when resources and time are tight
๐ก Quick tip of the week: Perform a gap assessment to identify high-impact, low-effort security improvements to prioritize first โ evolution, not reinvention is the name of the game!
Plus, Expert Insights On:
- Why traditional rate limiting fails against sophisticated password sprays
- The usefulness of frameworks to start with the right questions
- Strategies for prioritizing security efforts to avoid burnout
๐ LINKS:
Trend Micro Security Bulletins:
- Endpoint Encryption PolicyServer: https://success.trendmicro.com/en-US/solution/KA-0019928ย
- Apex Central: https://success.trendmicro.com/en-US/solution/KA-0019926
NIST Zero Trust Resources:
- SP 1800-35: Implementing a Zero Trust Architecture (Final): https://csrc.nist.gov/pubs/sp/1800/35/final
- SP 800-207: Zero Trust Architecture (2020 Conceptual Framework): https://csrc.nist.gov/publications/detail/sp/800-207/final
Active Directory Hardening Guide: https://osintteam.blog/%EF%B8%8Factive-directory-hardening-for-enterprise-security-5832b3f75de0
๐ฐ SOURCES:
Trend Micro Critical Vulnerabilities: https://www.bleepingcomputer.com/news/security/trend-micro-fixes-six-critical-flaws-on-apex-central-endpoint-encryption-policyserver
NIST Zero Trust Implementation Guide: https://www.infosecurity-magazine.com/news/nist-zero-trust-implementation/
Microsoft Entra ID TeamFiltration Attacks: https://thehackernews.com/2025/06/over-80000-microsoft-entra-id-accounts.html
Small Orgs Cybersecurity Breaking Point: https://www.csoonline.com/article/4003892/smaller-organizations-nearing-cybersecurity-breaking-point.html
Popular Podcasts
Fudd Around And Find Out
UConn basketball star Azzi Fudd brings her championship swag to iHeart Womenโs Sports with Fudd Around and Find Out, a weekly podcast that takes fans along for the ride as Azzi spends her final year of college trying to reclaim the National Championship and prepare to be a first round WNBA draft pick. Ever wonder what itโs like to be a world-class athlete in the public spotlight while still managing schoolwork, friendships and family time? Itโs time to Fudd Around and Find Out!
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you wonโt hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, youโve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.
The Breakfast Club
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!