May 9, 2025 • 41 mins

🔔 Welcome back to Blumira Briefings! Fresh from RSA, we're diving into the week's critical security stories with Mike Toole, Michael Keller, and Jake Ouellette to provide actionable context for IT and security teams. 🔔

What We Cover This Week:
📊 Top trending threats, including suspicious Microsoft 365 activity, Sophos blocked website alerts, and important batch script execution patterns
🔊 "AirBorne" - Wormable AirPlay flaws affecting not just Apple devices but also smart speakers, TVs, and CarPlay systems
🛡️ Two SonicWall vulnerabilities being actively exploited despite patches being available since 2023/2024
🧩 "Bring Your Own Installer" EDR bypass technique used in ransomware attacks against SentinelOne
🪟 Windows RDP session persistence that allows continued access after password changes or account disabling
☁️ Novel privilege escalation technique in Google Cloud Platform using resource tags

💡 Expert Insights On:

- Why attackers consistently use net commands for reconnaissance and how to detect them
- Practical mitigation strategies for AirPlay vulnerabilities, especially for devices that rarely get updates
- The security implications of "wrapper apps" that modify secure messaging platforms
- How to implement stronger cloud access controls to prevent privilege escalation

QUICK TIP: Check if your organization has RDP directly exposed to the internet - if you do, it's one of the highest risk indicators for a potential breach!

🔗 LINKS:
AirPlay Security Issues: https://thehackernews.com/2025/05/wormable-airplay-flaws-enable-zero.html
SonicWall Vulnerabilities: https://www.securityweek.com/sonicwall-flags-two-vulnerabilities-as-exploited/
EDR Bypass Research: https://www.aon.com/en/insights/cyber-labs/bring-your-own-installer-bypassing-sentinelone
Windows RDP Issue: https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/
GCP Privilege Escalation: https://www.mitiga.io/blog/tag-your-way-in-new-privilege-escalation-technique-in-gcp
Prowler (Cloud Security Tool): https://prowler.com/
SocGholish Malware Analysis: https://www.blumira.com/blog/socgholish-malware-recent-trends-and-effective-detection-strategies

Subscribe for weekly security insights every Friday at 1pm ET!

#CyberSecurity #VulnerabilityManagement #BlumiraBriefings #AirPlay #AppleSecurity #CloudSecurity #EDR