Author: Matt Johnson

Attackers Are Abusing Microsoft 365’s Direct Send to Send Internal-Looking Phishing

Overview Over the past few weeks, our Incident Response and SOC teams have detected a widespread phishing campaign targeting primarily U.S.-based organizations, including those in the financial services, healthcare, insurance, construction, manufacturing, and engineering sectors. The campaign leverages Microsoft 365’s…

Read More

Tech Tip Tuesday: How IT Providers Can Safely Verify Users for Password Resets

When a user reaches out for a password reset or account assistance, your support team becomes the gatekeeper – balancing usability with the critical responsibility of protecting access. Handled correctly, these interactions help prevent unauthorized access. Handled carelessly, they can…

Read More
Cyber Monday

Cyber Threat Intel – Monday | July 28, 2025

“Global Threats, Local Impact: This Week’s Cyber Risk Update” This past week has been a loud reminder that cyber threats are growing in speed, scale, and sophistication. From nation-state actors exploiting enterprise systems to AI-driven fraudsters executing multi-million-dollar scams, the…

Read More

CVE-2025-53770: “ToolShell” RCE Hits On-Prem SharePoint Servers

CVE-2025-53770: “ToolShell” RCE Hits On-Prem SharePoint Servers Summary A critical remote code execution vulnerability—CVE‑2025‑53770—has emerged, targeting on-premises Microsoft SharePoint. Discovered as part of an attack chain dubbed “ToolShell,” this issue allows unauthenticated network-based code execution via deserialization of untrusted data…

Read More
Infographic showing five key updates in NIST SP 800-61 Revision 3, including CSF 2.0 alignment, risk management focus, and a continuous incident response lifecycle.

Top 5 Changes NIST SP 800-61r3 Incident Response

NIST has released SP 800-61 Revision 3, redefining incident response for today’s threat landscape. Learn the 5 biggest changes, why they matter, and how SOClogix can help you align your IR plan with the new NIST Cybersecurity Framework 2.0.

Read More

Cybersecurity in 2025: 10 Alarming Insights from the DBIR

Every year, the Verizon Data Breach Investigations Report (DBIR) serves as a pulse check on the state of cybersecurity, and the 2025 edition pulls no punches. With ransomware more rampant than ever, third-party risk doubling, and AI creeping into the…

Read More
PENlogix logo

Your Organization Needs a Hybrid Approach to Penetration Testing

Your Organization Needs a Hybrid Approach to Penetration Testing Your organization is constantly up against new and evolving threats. Daily threat actors adapt their tactics, and fresh vulnerabilities surface faster than they can be catalogued. To stay ahead, your organization…

Read More
MSSP Alert Top 250

SOClogix Cyber Group Named to MSSP Alert’s 2024 List of Top 250 MSSPs

SOClogix Cyber Group Named to MSSP Alert’s 2024 List of Top 250 MSSPs Eighth annual list reveals leading MSSP, MDR and MSP security companies

Read More
CRT Testiing

Revolutionize Your Cybersecurity with PENlogix’s Concurrent Requirement Testing (CRT) Penetration Testing

Discover how PENlogix's Concurrent Requirement Testing (CRT) Penetration Test is revolutionizing cybersecurity with its comprehensive, efficient, and cost-effective approach, setting a new standard for thorough and timely cybersecurity assessments.

Read More
PENlogix logo

SOClogix Announces the NEXT GENERATION of Pen Testing…PENlogix 

PENlogix is the cybersecurity industry's premier expert-based Concurrent Requirement Testing (CRT) Penetration Test.

Read More