🔔 It's time for your essential security download with Blumira Briefings! This week, Zoe is joined by Mike Toole, Nick Dixon, and Justin Kikani to break down the week's most important security headlines with context you can actually use. 🔔

What We Cover This Week:

📱 Android's largest patch of 2025 with 120 fixes, including two actively exploited vulnerabilities

🌐 EOL’d TP-Link router flaws added to CISA's Known Exploited Vulnerabilities catalog

☁️ New research: massive phishing operation abusing expired domains through Google Cloud and Cloudflare infrastructure

🔑 SalesLoft Drift breach via GitHub account compromise affecting 22+ known companies so far

💻 New research showing remote access software abuse as the #1 pre-ransomware indicator

💡 Quick tip of the week: Consider using Canary Tokens embedded in your website's branding or footer to get alerts when someone clones your site for phishing purposes

Plus, Expert Insights On:

- How to handle Android devices that are no longer receiving manufacturer updates

- Why to treat every remote work laptop like it's connecting from a coffee shop

- Practical tips for keeping track of your organization's domains, to prevent brand impersonation

- Best practices for rapid response to remote access tool abuse, key to preventing ransomware execution

- Why you should consider rotating API keys after vendor security incidents

📰 SOURCES:

Android's September Security Patch: https://www.theregister.com/2025/09/03/android_patch_september/

TP-Link Router Vulnerabilities: https://thehackernews.com/2025/09/cisa-flags-tp-link-router-flaws-cve.html

Phishing Empire Using Google Cloud: https://www.darkreading.com/cloud-security/phishing-empire-undetected-google-cloudflare

SalesLoft Drift Breach: https://thehackernews.com/2025/09/salesloft-takes-drift-offline-after.html

Remote Access Abuse Study: https://www.infosecurity-magazine.com/news/remote-access-abuse-pre-ransomware/