Overview Over the past few weeks, our Incident Response and SOC teams have detected a widespread phishing campaign targeting primarily U.S.-based organizations, including those in the financial services, healthcare, insurance, construction, manufacturing, and engineering sectors. The campaign leverages Microsoft 365’s…
When a user reaches out for a password reset or account assistance, your support team becomes the gatekeeper – balancing usability with the critical responsibility of protecting access. Handled correctly, these interactions help prevent unauthorized access. Handled carelessly, they can…
“Global Threats, Local Impact: This Week’s Cyber Risk Update” This past week has been a loud reminder that cyber threats are growing in speed, scale, and sophistication. From nation-state actors exploiting enterprise systems to AI-driven fraudsters executing multi-million-dollar scams, the…
CVE-2025-53770: “ToolShell” RCE Hits On-Prem SharePoint Servers Summary A critical remote code execution vulnerability—CVE‑2025‑53770—has emerged, targeting on-premises Microsoft SharePoint. Discovered as part of an attack chain dubbed “ToolShell,” this issue allows unauthenticated network-based code execution via deserialization of untrusted data…
