CyberSecure Specialist

06 Aug

Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments

Attacks, Insights, Malware

Note: This Alert may be updated to reflect new guidance issued by CISA or other parties.  CISA is aware of the newly disclosed high-severity vulnerability, CVE-2025-53786, that allows a cyber threat actor with administrative access to an on-premise Microsoft Exchange server to escalate privileges by exploiting vulnerable hybrid-joined configurations. This vulnerability, if not addressed, could impact the identity integrity of an organization’s Exchange Online service.  While Microsoft has stated there is no observed exploitation as of…

Read More
06 Aug

CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities

Attacks, Insights, Malware

CISA published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities: CVE-2025-49704 [CWE-94: Code Injection], CVE-2025-49706 [CWE-287: Improper Authentication], CVE-2025-53770 [CWE-502: Deserialization of Untrusted Data], and CVE-2025-53771 [CWE-287: Improper Authentication] Cyber threat actors have chained CVE-2025-49704 and CVE-2025-49706 (in an exploit chain publicly known as “ToolShell”) to gain unauthorized access to on-premises SharePoint servers. CISA analyzed six files including two Dynamic Link-Library (.DLL), one cryptographic key…

Read More
02 Aug

Why the tech industry needs to stand firm on preserving end-to-end encryption

Information

Restricting end-to-end encryption on a single-country basis would not only be absurdly difficult to enforce, but it would also fail to deter criminal activity Tony Anscombe 01 Aug 2025  •  , 5 min. read The UK Government wants access, when requested, to the end-to-end encrypted messages and data for everyone in the UK. The reasons are to specifically tackle serious crimes, such as terrorism and child sex abuse. The UK Government is not alone in…

Read More
02 Aug

Is your phone spying on you? | Unlocked 403 cybersecurity podcast (S2E5)

Information

Here’s what you need to know about the inner workings of modern spyware and how to stay away from apps that know too much 01 Aug 2025 The world of espionage has gone digital. Rather than involving trench coats and secret missions, it’s now about silent cyberthreats that can turn phones into secret surveillance devices. In other words, today’s battleground is in people’s pockets, as malicious tools pose as everyday apps and can, in extreme…

Read More
01 Aug

This month in security with Tony Anscombe – July 2025 edition

Information

Here’s a look at cybersecurity stories that moved the needle, raised the alarm, or offered vital lessons in July 2025 31 Jul 2025 With another month behind us, it’s time for ESET Chief Security Evangelist Tony Anscombe to look at cybersecurity stories that made an impact and offered vital lessons in July 2025. Here’s Tony’s rundown of some of what stood out most over the past 30 or so days. attacks targeting on-premises Microsoft SharePoint…

Read More
01 Aug

Let’s get Digital! Updated Digital Identity Guidelines are Here!

Insights

Credit: NIST Today is the day! Digital Identity Guidelines, Revision 4  is finally here…it’s been an exciting journey and NIST is honored to be a part of it.  What can we expect? Serving as a culmination of a nearly four-year collaborative process that included foundational research, two public drafts, and about 6,000 individual comments from the public, Revision 4 of Special Publication 800-63, Digital Identity Guidelines, intends to respond to the changing digital landscape that has…

Read More
31 Jul

Reflections from the First Cyber AI Profile Workshop

Insights

Thank you to everyone who participated in the Cyber AI Profile Workshop NIST hosted this past April! This work intends to support the cybersecurity and AI communities — and the input you provided during this workshop is critical. We are working to publish a Workshop Summary that captures themes and highlights from the event. In the interim, we would like to share a preview of what we heard. Background on the Cyber AI Profile Workshop  As…

Read More
31 Jul

Thorium Platform Public Availability

Attacks, Insights, Malware

Today, CISA, in partnership with Sandia National Laboratories, announced the public availability of Thorium, a scalable and distributed platform for automated file analysis and result aggregation. Thorium enhances cybersecurity teams’ capabilities by automating analysis workflows through seamless integration of commercial, open-source, and custom tools. It supports various mission functions, including software analysis, digital forensics, and incident response, allowing analysts to efficiently assess complex malware threats. Thorium enables teams that frequently analyze files to achieve scalable…

Read More
31 Jul

CISA and USCG Issue Joint Advisory to Strengthen Cyber Hygiene in Critical Infrastructure

Attacks, Insights, Malware

CISA, in partnership with the U.S. Coast Guard (USCG), released a joint Cybersecurity Advisory aimed at helping critical infrastructure organizations improve their cyber hygiene. This follows a proactive threat hunt engagement conducted at a U.S. critical infrastructure facility. During this engagement, CISA and USCG did not find evidence of malicious cyber activity or actor presence on the organization’s network but did identify several cybersecurity risks. CISA and USCG are sharing their findings and associated mitigations…

Read More
30 Jul

The hidden risks of browser extensions – and how to stay safe

Information

Digital Security Not all browser add-ons are handy helpers – some may contain far more than you have bargained for Phil Muncaster 29 Jul 2025  •  , 4 min. read What would we do without the web browser? For most of us, it’s our gateway to the digital world. But browsers are such a familiar tool today that we’re in danger of giving them a free ride. In fact, there are plenty of rogue extensions…

Read More