Author: Staff Writer

Essential Insights Data Breach Investigation: The House of Commons of Canada is investigating a cyberattack that compromised employee information, specifically names, job titles, office locations, and email addresses, exploiting a Microsoft vulnerability. Vulnerability Details: The breach involved a recently patched Microsoft flaw, with the Canadian Centre for Cyber Security warning about two critical vulnerabilities—CVE-2025-53770 (affecting SharePoint) and CVE-2025-53786 (affecting Exchange)—that have been widely exploited by various threat groups. Implications for Security: Employees and members of the House of Commons were advised to be vigilant against potential fraud and impersonation attempts using the stolen information, emphasizing the need for enhanced security…

Essential Insights Importance of Automation: Just as you check your home for safety, your organization’s digital infrastructure requires consistent security protocols. Tools like External Attack Surface Management (EASM) and Digital Risk Protection (DRP) automate checks, preventing costly incidents from misconfigured assets. Unmonitored Assets Risk: Development and shadow IT can lead to invisible, unprotected assets, such as orphaned servers or misconfigured storage buckets, which are susceptible to breaches without automated discovery and monitoring. Threat Detection Beyond Firewalls: DRP focuses on external threats, continuously scanning social media and underground forums for mentions of your organization, helping to identify risks before they escalate…

Essential Insights Proactive Defense Strategies: Cybersecurity leaders must adopt a security-by-default mindset, implementing measures like multi-factor authentication (MFA) and deny-by-default policies to thwart attacks before they compromise networks. Essential Settings for Risk Reduction: Key configurations include disabling Office macros, removing local admin rights, and blocking unauthorized software, which collectively protect against prevalent attack vectors such as ransomware. Network and Application Controls: Limiting outbound traffic, controlling access to critical applications, and monitoring file activity can significantly diminish the attack surface and prevent malware proliferation. Ongoing Vigilance and Automation: Regular patching and automated threat detection tools are crucial for maintaining robust defenses,…

Aug 14, 2025Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. N-able N-central is a Remote Monitoring and Management (RMM) platform designed for Managed Service Providers (MSPs), allowing customers to efficiently manage and secure their clients’ Windows, Apple, and Linux endpoints from a single, unified platform. The vulnerabilities in question are listed below – CVE-2025-8875 (CVSS score: N/A) – An insecure deserialization vulnerability that could lead to command execution CVE-2025-8876 (CVSS score: N/A) – A…

Top Highlights Active Exploitation: CISA has alerted that two vulnerabilities in N-able’s N-central platform (CVE-2025-8875 and CVE-2025-8876) are currently being exploited by attackers, allowing command execution and command injection. Patch Required: N-able released a critical security update (version 2025.3.1) to address these vulnerabilities and urged administrators to upgrade their systems promptly to mitigate potential risks. Federal Response: CISA added these vulnerabilities to its Known Exploited Vulnerabilities Catalog, requiring Federal Civilian Executive Branch agencies to patch their systems by August 20, with recommendations for all organizations to secure their devices. Widespread Exposure: Approximately 2,000 N-central instances are publicly accessible on the…

Netwrix, a cybersecurity company specializing in safeguarding data and identities, has inaugurated its new Innovation Center in Kraków, Poland. Designed to serve as the company’s primary European operations hub, the facility aims to deliver faster, more efficient cybersecurity solutions to its customers. As part of this expansion, Netwrix is actively recruiting skilled IT professionals from the region. The center has already onboarded over 20 employees and advertised more than 20 additional roles, with further openings expected in the near future. Cyber Technology Insights : Atos named a Leader in ISG Provider Lens for Cybersecurity – Services and Solutions in Germany The Kraków…

SonicWall has unveiled nine new firewalls within its Generation 8 portfolio, marking a major leap in its mission to provide purpose-built cybersecurity solutions for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), and their customers. The launch reflects SonicWall’s ongoing commitment to delivering fully integrated security solutions that protect against threats across endpoints, local networks, and the cloud. By combining scalability, affordability, and simplicity, the new Generation 8 series empowers partners to deliver robust, enterprise-grade protection. Each device integrates advanced security features, cloud-based management, Zero Trust access, and expert support — all for a single monthly fee. “This isn’t…

Nozomi Networks Inc., a leader in OT, IoT, and CPS cybersecurity, has partnered with Schneider Electric, a global leader in energy management and automation, to unveil the world’s first embedded security sensor within Schneider Electric’s remote terminal units (RTUs). This groundbreaking innovation integrates Nozomi Arc Embedded directly into Schneider’s SCADAPack 47xi Smart RTUs, offering unprecedented visibility and protection at the control device level of industrial automation systems and field assets. The embedded solution allows security and operations teams to detect, analyze, and address threats targeting control devices without straining existing resources or disrupting mission-critical operations. As a result, organizations can…

Akamai Technologies, a leader in cloud computing and cybersecurity, has entered into a new strategic partnership with Aptum, a managed hybrid cloud services provider specializing in customized infrastructure solutions, consulting, and ongoing management. As part of the Akamai Partner Program, Aptum will now deliver day 0–2 support for organizations adopting the Akamai Cloud. The alliance comes as more small-to-midsize businesses and large enterprises explore cloud repatriation strategies and focus on sustainable operations. By combining expertise, Akamai and Aptum aim to simplify cloud migration and transformation, accelerate the development of cloud-native applications, and identify ways to optimize costs. Cyber Technology Insights : Atos…

In 2025, cybercriminals target organizations worldwide with identity attacks, cloud security breaches, and AI-powered cyberattacks. CrowdStrike 2025 Threat Hunting Report indicates that advanced threat actors are leveraging generative AI, cloud misconfiguration, and human identity weakness to perform cross-domain attacks that completely bypass traditional security controls. Interactive cyber attacks increased 27% year over year, and 81% of attacks were malware-free, showing a trend to more low-profile, high-level techniques. eCrime groups are commonplace, making up 73% of attacks today, and cloud intrusions have increased 136% in the first half of 2025 compared to 2024. Vishing campaigns are increasing as well, breaking earlier…