Blumira Briefings

🦔 Blumira Briefings Ep. 19: Security Wins, Zero Trust Turns 15, Education Beats Ransomware


Listen Later

It was a rare "light week" for major critical updates, giving us a chance to talk about some deeper trends and stories. Here’s what we covered:


 📧 Microsoft Exchange 2016/2019 end of support coming in 30 days - migration options and considerations

đź’» NPM supply chain attack limited to minimal damage despite widespread potential impact, attackers made less than $1k

🤖 Microsoft forcing Copilot installation in October - we talk security implications and how to opt-out

🔒 Zero Trust’s quinceañera - can it still help us, or has the term been too “buzzwordified”? 

🎓 Education sector's impressive ransomware defense improvements - ransom amounts dropping, and payments dropping even more!


đź’ˇ Quick tip of the week: Try treating every remote device as though it were connecting from an unknown coffee shop network - implement strong network segmentation, SSL everywhere, and posture checks to maintain security regardless of connection location


Plus, Expert Insights On:

  • Why some organizations still opt for on-premises Exchange versus cloud alternatives
  • The security implications of auto-installing AI tools like Copilot with hard-to-find opt-out options
  • How the "Salty2FA" phishing kit demonstrates increasing sophistication in social engineering attacks
  • Why positive reinforcement works better than punishment in security awareness programs
  • How to leverage education sector successes as examples when advocating for security investments


📰 SOURCES: 

Microsoft Exchange 2016/2019 End of Support: https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-2016-and-2019-reach-end-of-support-in-30-days/ 

NPM Supply Chain Attack: https://www.bleepingcomputer.com/news/security/hackers-left-empty-handed-after-massive-npm-supply-chain-attack/ 

Microsoft Copilot Force Install: https://www.bleepingcomputer.com/news/microsoft/microsoft-to-force-install-the-microsoft-365-copilot-app-in-october/ 

Salty2FA Phishing Kit: https://www.infosecurity-magazine.com/news/salty2fa-phishing-kit/

Education Ransomware Success: https://www.infosecurity-magazine.com/news/ransomware-payments-plummet/

Zero Trust at 15: https://www.securityweek.com/zero-trust-is-15-years-old-why-full-adoption-is-worth-the-struggle/

...more
View all episodesView all episodes
Download on the App Store

Blumira BriefingsBy Blumira