June 27, 2025 52 mins

🔔 Welcome back for this week’s episode and your weekly security download! We're joined by Jake Ouellette, Taylor Jacobson, and Amanda Berlin to break down the week's most important security headlines with context you can actually use. 🔔


What We Cover This Week:

📊 Most changed weekly trends, including recurring process dumps for credential theft and suspicious IAM behavior

🔧 Critical Veeam RCE vulnerability (CVE-2025-23121) with a 9.9 CVSS score - make sure to patch this one immediately!

🌐 NetScaler ADC and Gateway vulnerabilities allowing token theft from internet-facing devices

📲 Cisco Meraki MX and Z device vulnerability that can DoS VPN connections

💼 Identity theft report showing a 148% surge in impersonation scams, with businesses as primary targets

🤖 First-ever zero-click AI data leak vulnerability in Microsoft 365 Copilot dubbed "EchoLeak"


Document your recovery processes so anyone can perform them if the primary person is unavailable - don't create single points of failure in your incident response team.


Plus, Expert Insights On:

  • How to handle emergency patches outside normal change control cycles
  • Why testing backup restoration is more critical than just having backups
  • Practical ways to run tabletop exercises even with limited resources
  • Strategies for businesses to prevent impersonation attacks
  • How organizations can manage AI access to reduce risks


NOTE: We'll be on hiatus next week due to the July 4th holiday -- we'll be back on July 11th with more security insights!

📰 SOURCES:


Veeam RCE Vulnerability: https://thehackernews.com/2025/06/veeam-patches-cve-2025-23121-critical.html

Citrix NetScaler Vulnerabilities: https://www.darkreading.com/vulnerabilities-threats/citrix-patches-vulns-netscaler-adc-gateway

Cisco & Atlassian Patches: https://www.securityweek.com/high-severity-vulnerabilities-patched-by-cisco-atlassian/

Identity Impersonation Scams: https://www.infosecurity-magazine.com/news/reported-impersonation-scams-surge/

Zero-Click AI Data Leak: https://www.bleepingcomputer.com/news/security/zero-click-ai-data-leak-flaw-uncovered-in-microsoft-365-copilot/


🔗 LINKS:

Veeam Advisory: https://www.veeam.com/kb4743

Rapid7 Emergent Threat Response: https://www.rapid7.com/blog/post/etr-critical-veeam-backup-replication-cve-2025-23121/

Citrix Security Bulletin CTX693420: https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420

OWASP Top 10 for LLM Applications 2025: https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/

Defensive Security Handbook: https://www.oreilly.com/library/view/defensive-security-handbook/9781098127237/
