August 7th, 2024 Security Briefing with IANS Faculty ⁠Dave Shackleford⁠ and ⁠Shannon Lietz

This Episode Details:

• Azure’s DDoS Outage - Microsoft experienced a major outage in its Azure service at the end of July, which it later attributed to an ongoing DDoS attack. Numerous Azure and M365 services were impacted, including Entra, Intune, Purview, Azure Policy and more.
• Malware Delivery via Cloudflare Tunnels - Cloudflare Tunnels (similar to VPN tunnels from Cloudflare) have been heavily involved in malware dissemination campaigns. Numerous actors have used these through the TryCloudflare free service to distribute remote access trojans (RATs) like VenomRAT and Xworm.
• ISP DNS Poisoning for Chinese Malware Delivery - A Chinese threat actor (known commonly as StormBamboo, Evasive Panda and StormCloud) has been using DNS poisoning attacks against ISPs to deliver malware through fake automatic updates. Organizations querying the legitimate automatic update domains were seeing malware delivery through modified responses.

With ⁠⁠IANS Research⁠⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

July 10th, 2024 with IANS Faculty ⁠Jessica Hebenstreit and ⁠Shannon Lietz⁠

This Episode Details:

• Phone Numbers Leaked in Twilio Breach - On July 1, 2024, Twilio posted a security alert on their site indicating the Authy service had a security incident following an announcement by the ShinyHunters hacking group in late June on BreachForums where they disclosed the leaked data for 33M Authy users.
• Critical Vulnerabilities in Rockwell Automation PanelView Plus - The Microsoft Defender for IoT research team was able to identify and surface vulnerabilities in PanelView Plus, determined during an investigation where application behavior and the lack of encryption raised concerns.
• HealthEquity Suffers Data Breach - On July 2, 2024, HealthEquity filed a Form 8-K with the SEC that declared a cybersecurity incident and detailed a compromise of a partner’s account and data leak of protected health information (PHI) for its customers.

June 5th, 2024 with IANS Faculty Dave Shackleford and Wolfgang Goerlich

This Episode Details:

• Snowflake Incident and the Data Breach Fallout - Snowflake, a cloud analytics and storage company, suffered an incident which led to a compromise of multiple Snowflake tenants from that point on.
• Microsoft Warns of Online OT Device Attacks - Microsoft’s threat intelligence team has found that attackers have increased their focus on exposed OT devices since late 2023, potentially leading to a wider range of compromise scenarios.
• SOHO Routers—a New Attack Surface? - In a newly published research report from Lumen Technologies, a strain of malware they’ve dubbed Chalubo was apparently responsible for a huge attack against small office and home office (SOHO) routers in 2023. This malware incident took place over a 72-hour period between October 25 and 27, rendered the infected devices permanently inoperable.

May 1st, 2024 Security Briefing with IANS Faculty Wolfgang Goerlich and Jessica Hebenstreit

Kaiser Notifies Millions of Data Breach - 13.4 insured people and patients will be receiving breach notices that their protected health information may have been compromised - considered the largest health-related data breach of 2024 to date.

Criminals Exploit CrushFTP Vulnerability - Adversaries are exploiting a vulnerability in CrushFTP to gain remote code execution (RCE). The vulnerability (CVE-2024-4040) combines server-side template injection with a virtual file system sandbox escape to allow attackers to read and execute files as root on Linux systems hosting CrushFTP.

Brokewell Malware Takes Over Android Devices - Discovered and documented by researchers at ThreatFabric, Brokewell is malware running on Android phones and devices.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

March 13th, 2024 Security Briefing with IANS Faculty Dave Shackleford and Jennifer Minella

This Episode Details:

• Microsoft Source Code Stolen - Microsoft has revealed that the Russian 'Midnight Blizzard' hacking group gained access to source code and internal systems with harvested authentication tokens and credentials.
• Chinese Cranes: Possible Espionage? - In March of 2023, the U.S. Pentagon reported that Chinese-manufactured cranes in U.S. ports may contain monitoring equipment used in long-range espionage. After a yearlong investigation, these concerns are proving to be accurate.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

February 28th, 2024 Security Briefing with IANS Faculty Jessica Hebenstreit and Dave Shackleford

This Episode Details:

• Change Healthcare Impacted by Cyber Attack - Explore the impacts of Change Healthcare's recent BlackCat breach.
• I-Soon Hackers for Hire Used by Chinese Government Agencies - Last week, leaks surfaced on Github that various Cinese government agencies have been using hackers for hire as part of an ongoing campaign to break into foreign governments and telecoms.
• NIST CST 2.0 - In addition to the original five core pillars of NIST CSF, "govern" was added with the goal of helping organizations incorporate cybersecurity risk management into enterprise risk management.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

February 14th, 2024 Security Briefing with IANS Faculty Jake Williams and Gal Shpantzer

This Episode Details:

• Shim Secure Boot Bypass Vulnerability - New vulnerabilities in the Shim service are being used to securely boot on Linux. Impacted systems that use HTTP boot services risk full compromise of the device.
• New Fortinet Vulnerabilities - Following the announcement of CVE-2024-21762 from Fortinet, CUSA quickly added the vulnerability to its Known Exploited Vulnerabilities list, indicating it has reports of threat actors using it in the wild.
• Additional Ivanti Disclosures - Ivanti has disclosed additional security vulnerabilities in it's Pulse line of VPN products.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

February 7th, 2024 Security Briefing with IANS Faculty Jessica Hebenstreit and Jennifer Minella

This Episode Details:

• China Targeting U.S. Infrastructure - The director of the FBU discolsed that China's "Volt Typhoon" group is ramping up hacking operations aimed at critical infrastructure in the United States in the event of a conflict over Taiwan.
• Ivanti: CISA Sets 48-hour Deadline for Removal - The CIA issued a directive that gave federal agencies using Ivanti Connect Secure or Ivanti Policy Secure solutions less than 48 hours to disconnect all instances and take specific steps to put it back into production.
• Cloudflare Hacked With Stolen Okta Auth Tokens - The Okta breach of 2023 left in it's wake lost tokens and service account credentials related to Cloudflare, since a victim of nation-state actor infiltration. This is how they addressed it.

With IANS Research, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

The CISO job market has been slow in 2024 – largely due to conservative job movement caused by challenging macroeconomic conditions, but signs of improvement are emerging for 2025.

Want to learn more? Download the summary version of IANS' 2024 CISO Compensation Benchmark Report here.

In this webinar, IANS Faculty Steve Martano and Senior Research Director Nick Kakolowski will share insights from the recently published 2024 IANS and Artico Search CISO Compensation Survey and discuss how CISOs can best navigate the marketplace.

Join the session to hear:

• A detailed breakdown of CISO compensation benchmarking data and how to use it to assess your market value
• The market conditions causing the slowdown
• Strategies for CISOs to differentiate themselves in this challenging environment
• Strategic guidance on how best to prepare for increased job movement in 2025

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

December 4th, 2024 Security Briefing with IANS Faculty ⁠Wolfgang Goerlich⁠ and ⁠Jake Williams

This Episode Details:

• Cloudflare’s Missing Logs - On November 14, Cloudflare made changes to an internal service that resulted in the loss of 55% of all logs pushed to customers over a 3.5 hour period. Users of the “Cloudflare Logs” service were impacted by what can only be described as a cascading failure.

• LogoFAIL Actively Exploited - Last week, researchers discovered code named BootKitty that was using the LogoFAIL vulnerability to exploit UEFI and load malware at boot time. Malware deployed in this manner loads before any security products and breaks the “secure boot” paradigm.

• RomCom’s Firefox Zero Days - Security firm ESET has identified that the Russian-attributed threat actor group RomCom is using an exploit chain of two zero-day vulnerabilities in Firefox to exploit targets across Europe and North America. The exploits do not require user interaction (zero-click).

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

November 13th, 2024 Security Briefing with IANS Faculty Wolfgang Goerlich and Jessica Hebenstreit

This Episode Details:

• Continued Fallout from the MOVEit Breach - From May-July 2023, Progress Software worked with CISA and the FBI to recover from an attack by the CL0P ransomware group. This week, more data leaked from this event was posted to a crime forum.

• North Korea Writing MacOS Malware - Jamf Threat Labs identified new malware which they attribute to the BlueNoroff APT group (a North Korean state-sponsored group) which runs specifically on the Apple MacOS.

• TSA’s Proposed Rules for Pipelines, Railroads, Airlines - This week, the TSA issued proposed cyber mandates for pipelines, railroads, and airlines. The proposed cost is $2 billion over ten years, requires organizations to develop a Cybersecurity Operational Implementation Plan (COIP).

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

October 28th, 2024 AI Deep Dive with IANS Faculty Jake Williams and Jessica Hebenstreit

Join IANS Faculty Jake Williams and Jessica Hebenstreit in the first episode of IANS AI Deep Dive Series for security professionals. This episode will cover:

• Foundational AI Concepts such as non-determinism and how to communicate these concepts to the board to build security awareness around GenAI and LLM’s.
• What considerations need to be made in determining use cases for AI are aligned with the needs of your organization.
• Examples of real world use cases, where security plays a role, and where security teams can leverage AI.

Interested in more AI content? Check out IANS AI Resources page and sign up for our AI Playbook series!

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

With budget planning season kicking off, we’re opening up the budget-related findings of the IANS and Artico CISO Compensation and Budget Survey ahead of our usual reporting cycle. The goal: Give you the benchmarking data you need to make a budget case. IANS Senior Research Director Nick Kakolowski and Faculty member Steve Martano will discuss:

• Key cybersecurity budget data as reported by CISOs.
• Overarching market trends influencing budget conversations.
• Advice on how to navigate complex budget conversations and get the support your team needs.

Interested in learning more about IANS and Artico's budget findings? Download IANS Security Budget Benchmark Summary Report!

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

September 4th, 2024 Security Briefing with IANS Faculty Dave Shackleford and Jennifer Minella

This Episode Details:

• North Korean Hackers Target Devs via NPM Packages - Recent reports show North Korea is intensifying its “Contagious Interview” campaign, with the latest round squarely targeting developers.

• CISA, FBI Advisory for RansomHub Ransomware - Recent warnings from the FBI, CISA and other agencies highlight a significant uptick in ransomware attacks by the RansomHub group, responsible for over 200 incidents since February 2024.

• Largest DDoS Attack and A New Mirai Botnet - On August 25th, Global Secure Layer reported mitigating what appears to be the largest packet rate DDoS in history. Targeting a Minecraft service, the peak packet rate of the DDoS attack reached 3.15 billion packets per second, reportedly about 3.2 times the volume of the previously largest attack.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

CISOs are currently under more pressure than ever to deliver results with lean teams and increasingly scrutinized budgets.

CISOs’ scope continues to expand while boards and leaders are continually focused on cyber budgets and program execution. At the same time, resources are tight and orgs are still figuring out how to navigate emerging areas of digital risk – particularly AI and its corresponding data governance implications.

CISOs who navigate these challenges successfully will set themselves apart by enhancing their personal brand and the reputation and success of the programs they lead.

In this session, IANS Faculty Steve Martano and IANS Senior Research Director Nick Kakolowski will provide a deep dive into the current state of the CISO role. They’ll cover:

• How the job scope of the CISO is shifting and what CISOs think about those changes.
• Trends in how CISOs are interacting with the board and advice for influencing at the highest levels of the organization.
• Market observations and anecdotal guidance on how to position yourself to achieve your career goals.

Interested in learning more about IANS and Artico's State of the CISO findings? Download ⁠IANS State of the CISO Summary Report!

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

2025 Deep Dive Webinar and Podcast with IANS Faculty⁠⁠Jessica Hebenstreit⁠ and ⁠⁠⁠Jake Williams⁠

Infosec teams are stretched. Budgets are flat, resources are strained, and we’re always trying to stay one step ahead of adversaries.

Layer in new regulations, the integration of AI into seemingly all aspects of the business, and other disruptions. It’s no wonder CISOs and their teams are constantly challenged as to where to prioritize their time, resources, and activities.

In this podcast, IANS Faculty Jake Williams and Jessica Hebenstreit call out the areas they believe will be most impactful to CISOs and their teams in 2025. Hear an overview of the trends and recommendations of actionable steps to work into your roadmap. Topics of discussion include:

• How to ensure you’re getting value out of AI in security operations (and words of caution)
• The evolving role of the SOC in the face of increased coverage of MDR services (e.g., Falcon Complete)
• Cyber resiliency and planning for CrowdStrike 2.0
• Implications of the new EU product liability directive

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

January 8th, 2025 Security Briefing with IANS Faculty ⁠Jessica Hebenstreit and ⁠⁠Jake Williams⁠

This Episode Details: Treasury Gets BeyondTrusted - The Treasury Department reported that it was the victim of a compromise on its unclassified network. It reported that the source of the hack was a third party facilitating remote access into the environment, which is known to be BeyondTrust.

Browser Plugins Are a (Cyber)haven for Malware - On Christmas Eve, a Cyberhaven developer fell victim to a phish that allowed a threat actor to publish applications to Cyberhaven’s account in the Google Chrome Web Store where browser extensions are published. CDN Shutdowns and Build Pipelines - The CDN provider Edgeio is in Chapter 11 bankruptcy proceedings and is facing imminent shutdown of its CDN services. While Edgeio customers are in a mad scramble to migrate off the platform, many organizations don’t realize they’ll be impacted by this.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

April 9th, 2025 Security Briefing with IANS Faculty ⁠⁠⁠⁠Jake Williams⁠⁠⁠ and ⁠Jessica Hebenstreit⁠

This Episode Details:

EU Companies Exploring Alternatives to US Cloud Providers - WIRED reported that some EU companies are exploring ways to de-risk their involvement with U.S. cloud providers by looking at alternatives to Amazon, Google, and Microsoft.

More Cuts at CISA - Reporters at Politico (among others) are reporting additional staffing cuts coming to CISA imminently. Some reports detail expectations of as many as 1300 of CISA's 3300 remaining staff to be cut.

Novel Supply Chain Bug Bounty - In February, Roni Carta (aka Lupin) published a post-mortem on a bug bounty that involved a complex supply chain attack. The impact was so severe that the organization paid Carta and his partner Snorlhax $50k for the report

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

March 5th, 2025 Security Briefing with IANS Faculty ⁠⁠⁠Jake Williams⁠⁠ and Wolfgang Goerlich

This Episode Details:

U.S. Pauses Offensive Cyber Ops Against Moscow - The United States has suspended its offensive cyber activities targeting Russia. This decision, authorized by U.S. Defense Secretary, aims to encourage Moscow to engage in negotiations to end the ongoing conflict in Ukraine.

DPRK Behind the $1.5B Bybit Heist - The FBI confirmed that the North Korean Lazarus Group (also known as TraderTraitor) was responsible for the recent theft of approximately $1.5 billion in virtual assets from the cryptocurrency exchange Bybit.

Copilot Exposes Private GitHub Pages - The AI security firm Lasso has identified GitHub Copilot, an AI coding assistant, was inadvertently exposing private GitHub Pages. So called “zombie repositories" (repositories that were once public and are now private) were retrievable using specific Copilot prompts.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

April 30th, 2025 Security Briefing with IANS Faculty Dave Shackleford⁠⁠⁠⁠ and ⁠⁠Shannon Lietz

This Episode Details:

• Verizon DBIR 2025: In this year’s version of the Verizon Data Breach Investigations Report (DBIR), there were several main takeaways.
• State of Mobile Security 2025: With adversaries' growing interest in mobile attack vectors, this year’s State of Mobile Security report by NowSecure introduces a need to help users understand that they should minimize what they add to their phones.
• Darcula Gets GenAI Features: Netcraft researchers have documented the extension of Darcula with GenAI features, reducing the barrier to entry for attackers looking to create their own phishing campaigns.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

June 4th, 2025 Security Briefing with IANS Faculty Jake Williams and Jessica Hebenstreit

This Episode Details:

• Virgin Media O2 Exposed Customers’ Geolocations: A network security flaw in Virgin Media O2’s 4G network and Wi-Fi calling features exposed sensitive customer data, including geolocation via Cell ID, SIM card information, and phone model details.
• ConnectWise Breached by Nation-State Actors: On May 28, 2025, ConnectWise confirmed it had “recently learned of suspicious activity within our environment that we believe was tied to a sophisticated nation-state actor, which affected a very small number of ScreenConnect customers.”
• Zscaler Acquires MDR Provider Red Canary: On May 27, 2025, Zscaler announced an agreement to acquire Red Canary, a leading Managed Detection and Response (MDR) provider. This move reflects the ongoing consolidation and platformization trend across the cybersecurity market.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

August 13th, 2025 Security Briefing with IANS Faculty ⁠Jake Williams⁠ and ⁠Jessica Hebenstreit

This Episode Details:

• Exchange Server Vulns: Researchers from Outsider Security presented on a new vulnerability in Exchange Server on premises that could allow a threat actor to take control of associated M365 tenants under certain circumstances.
• The SonicWall Zero Day That Wasn’t: In July, security researchers noticed increased exploitation of SonicWall devices. This lead many to theorize that there was another zero day in SonicWall’s software.
• GitHub CEO Leaves, Microsoft Won’t Be Replacing Him: The CEO of GitHub, Thomas Dohmke, has announced he is leaving the company. Microsoft has announced it is not replacing Dohmke. Instead GitHub will no longer function as an independent organization from Microsoft.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

July 9th, 2025 Security Briefing with IANS Faculty ⁠Wolfgang Goerlich⁠ and ⁠Jessica Hebenstreit⁠

This Episode Details:

• SEC and SolarWinds Make a Deal: The U.S. Securities and Exchange Commission (SEC) and SolarWinds have reached a preliminary agreement to settle the high-profile lawsuit stemming from the 2020 cyberattack.
• Instagram Rotating Certificates Daily: Earlier this year, the CA/Browser Forum agreed to drastically reduce the lifespan of public certificates (Ballot SC081v3). The agreed upon enforcement schedule is 398 days in 2025, 200 days starting in 2026, 100 days starting in 2027, and 47 days starting in 2029.
• IT Supplier the Latest Ransomware Victim: Ingram Micro found itself grappling with a ransomware incident that took key internal systems offline just as the July 4 holiday weekend began. While details remain thin and statements tight-lipped, what’s emerging looks like a familiar but increasingly frustrating playbook: Attackers leveraged credential-based access to a Palo Alto GlobalProtect VPN, moved laterally, and escalated privileges.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.