Afternoon attack and defense teams, one and all. By me @Forbes: Great analysis from @CheckPointSW into the new VanHelsing RaaS attack platform.

#infosec

https://www.forbes.com/sites/daveywinder/2025/03/24/new-windows-threat-demands-5000-in-return-for-hack-attack-access/

Apple has released iOS 18.3.1, an emergency security update to patch a zero-day vulnerability that the company says was exploited in targeted and "extremely sophisticated" attacks.

#apple #ios18 #ios1831 #0day #vulnerability #security
https://www.bleepingcomputer.com/news/apple/apple-fixes-zero-day-exploited-in-extremely-sophisticated-attacks/

Microsoft 365 has introduced a new feature in its admin center to improve network connectivity for M365 Copilot. This comes after users experienced broken experiences due to blocked WebSocket connections in their network infrastructure, with tenant admins having no visibility into these failed connections. With the new feature, tenant admins can now see when their network impacts user connections to M365 apps and view the failure rate percentage for failed HTTPS and WebSocket connections. The report will highlight any blocked network connections that could affect various M365 applications.

In addition, tenant admins can also view the network assessment points for Microsoft 365 Copilot based on the network latency experienced by users. A lower latency results in higher assessment points, providing a clearer picture of any high latency issues that may be affecting user experience with M365 Copilot. To learn more about this new feature and how it can help optimize your customer's network connectivity setup essential for M365 applications, check out the full article. #microsoft365 #M365Copilot https://techcommunity.microsoft.com/t5/deployment-networking/optimizing-customer-network-connectivity-for-microsoft-365/m-p/4374772#M1445

There is a lot to take in this week in keeping your systems up-to-date.

The image below shows all the companies that have released updates.

Please take the time to check that your systems are updated or set to update.

#CyberEssentials

Excellent article from Selena Larson (https://mastodon.social/@selenalarson) on the need to focus on cyber criminals, rather than states, to protect companies.

https://rusi.org/explore-our-research/publications/commentary/why-biasing-advanced-persistent-threats-over-cybercrime-security-risk

If you are not protected from these then you are going to be fair game.

Ensure you have the basics right - get #CyberEssentials

Hopefully you all saw that Apple released some security updates at the end of last week.

It would be worthwhile checking to see if your devices have updated, and if not, update them, in order to keep yourself as safe as possible.

https://support.apple.com/en-us/100100

@ThinkstCanary It was posted on Mastodon as well...

https://infosec.exchange/@RGB_Lights/113265844733179079

Integrating honeypots and tripwires into your enterprise defenses is smart. They provide clear, early warnings that demand investigation.

Just reading through Microsoft's Secure Future Initiative report (https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/SFI_September_2024_progress_report.pdf) and they have "eliminated 5.75 MILLION inactive tenants"...

That's an awful lot of lifecycle management that has been missed.

The National Cyber Security Centre have published a post celebrating the 100th Cyber Advisor -> https://www.ncsc.gov.uk/blog-post/ncsc-cyber-advisor-scheme-milestone

If you would like to speak to one of these rarities please get in contact with us as we have one!

And @tendaoffcial has not yet responded to the report of a security issue in their firmware, but keep an eye out for an update
2/2

Wednesday appears to be router day... @zyxel have issued updates for a large number of their routers -> https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024

D-Link has issued a security advisory for an EOL router (https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10411) but you should be replacing this model if you still use it...
1/2

Welcome to update day!

Please check that your systems are updating after patches were released yesterday by Microsoft, Adobe and others. Android released their's earlier in August.

Details for MSFT -> https://buff.ly/3UbZCAL - This includes 6 in the wild attacks (https://buff.ly/3wcPuKs)

Lots of Apple updates.
You know the drill...
https://support.apple.com/en-us/HT214117

Microsoft has announced the general availability of its Entra Suite, a comprehensive secure access solution for workforces. The cloud-based suite offers a Zero Trust user access solution that allows organizations to converge access policy engine across identities, endpoints, and private and public networks. It secures employee access to any cloud or on-premises application and resource from any location while enforcing least privilege access.

The Microsoft Entra Suite includes products like Entra Private Access, Internet Access, ID Governance, ID Protection and Verified ID which all contribute towards unifying Conditional Access policies for identities and networks; ensuring least privilege access for all users accessing resources & apps; improving user experience for both in-office & remote workers; reducing complexity & cost of managing security tools from multiple vendors. To learn more about this new offering from Microsoft check out their official announcement [here](https://aka.ms/ZeroTrustBlog-July2024) or visit the trial page [here](https://aka.ms/EntraSuiteTrial).
Post generated with the help of Azure OpenAI GPT4 🤖 #msftadvocate #AAD #Identity https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-suite-now-generally-available/ba-p/2520427

Congratulations to our Principal Consultant who achieved their Cyber Advisor (Cyber Essentials) certification this week!

https://registry.blockmarktech.com/certificates/f2a3b514-4071-4391-8fa8-40e9ce2616c9/?share_key=KevN5TTvHG2vUe-6UTgOFdsPmV69JkDiQVJb6GPx6I0

This is one for your cyber security briefings to your staff:

https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-2024-paris-olympics/

You and your company may not be involved in the Olympics but the bad guys will still use it as a lure to trick you into clicking on that email..

h/t @screaminggoat

If you are one of those people that keeps their browser open all week without restarting it you may be missing out on important security updates.

The Chrome browser has had THREE updates this week alone...

Get in the habit of restarting your browser everyday...

You will be able to restore your tabs via the keyboard shortcut of CTRL + ALT + T for both Chrome & Edge, when the browser restarts.

This morning is @Apple's usual patch release day, and **everything** needs updating

Details here -> https://buff.ly/2Jy40mT

A bright and shiny Chrome update to start this bright and shiny (kind of) new week.

https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html?ref=news.risky.biz

Please check those automatic updates have kicked off...

As ever, thanks to @campuscodi -> https://news.risky.biz/risky-biz-news-black-basta-group-spam-bombs-victims-and-then-calls-to-help/?ref=risky-business-news-newsletter