SharePoint "ToolShell" zero day

Hats off to the great work the community and industry have done regarding the “ToolShell” attack against Microsoft’s on-premises SharePoint servers. The goal of this article is to build on that great work and help Sumo Logic customers with on-prem SharePoint servers investigate and identify evidence within their environments.

Critical Authentication Bypass Vulnerability in Mitel MiVoice MX-ONE

On July 23, 2025, Mitel released fixes for a critical authentication bypass vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE, a communication platform used for enterprise voice and collaboration services. The vulnerability allows unauthenticated remote threat actors to gain unauthorized access to publicly exposed Mitel voice systems and access user or administrator accounts due to improper access controls.

How Netskope's Log Streaming Supercharges Your SOC

In today’s cloud-first world, security teams need real-time, actionable visibility into user activity and threats across the web, cloud, and private apps. The newly announced Netskope Log Streaming delivers just that. Netskope’s Log Streaming solution delivers significant value by providing real-time access to all Netskope-generated security logs directly into customers’ preferred cloud storage and last mile security information and event management (SIEM) tools.

The Downfall of XSS Forum

On July 23rd, the notorious Russian-language hacking forum XSS.is was seized by French law enforcement agencies. Interestingly, just a few hours before the takedown, researchers at Cyberint, now a Check Point Company, were informed by “Loki,” a well-known moderator on BreachForums, that one of XSS’s admins had allegedly been arrested by the French. This follows a series of actions by French authorities, who have arrested BreachForums admins over the past few months.

Zero Trust for IoT and OT: A Clear Path from Compliance to Confidence

Connected devices are powering transformation in every sector, whether it’s smart meters in energy, robotic arms in manufacturing, or infusion pumps in healthcare. But alongside innovation comes risk. More than 50% of connected devices have a known vulnerability, and with security breaches in IoT rising year over year, it’s no longer enough to bolt on protection after the fact.

Advanced attacks: EDR alone is not sufficient

Your best defense against advanced attacks is your network. SOC teams need comprehensive network data to defend against attacks. Corelight combines industry-leading Zeek network metadata, multi-layered detections, packet capture (PCAP), and file analysis (YARA) for the best approach to network-driven defense. Disrupt attacks, address gaps within your security stack, and reduce risk to your organization with Corelight's NDR solution.

America's AI Action plan has arrived: 3 key takeaways that data security leaders need to know

On July 23rd, the White House released America’s AI Action Plan, a sweeping federal strategy to drive U.S. leadership in artificial intelligence. The message was loud and clear: AI is a national imperative. The plan calls for removing regulatory barriers, investing in infrastructure, and accelerating AI adoption across commercial and government sectors. For data security leaders, this signals a pivotal shift.

Torq + SSDLC: Where Secure Automation Begins

Legacy SOAR solutions emerged in an era of traditional, static on-premises networks with fewer sophisticated threats. But today’s cybersecurity landscape is dramatically different — attack surfaces rapidly evolve, threats are multifaceted, and cybersecurity talent is increasingly scarce. As organizations struggle with sprawling security stacks and burned-out SOC teams, legacy SOAR solutions reveal their significant limitations.

Riscosity Launches The DFPM Trust Center

For an AI software company like Riscosity, which helps organizations secure and govern data flows to third parties, compliance is not just a regulatory requirement—it is central to the value proposition. Recognizing this, Riscosity has launched a dedicated Trust Center at trust.riscosity.com, powered by industry leader Vanta, to streamline how it communicates its compliance posture with current and prospective customers.

Strengthen Security Strategy Without Expanding Your Team: How Network Digital Twins Empower Smarter Cyber Defense

Cybersecurity is no longer just a tech issue—it's a priority that sits right at the boardroom table. With escalating cyberattacks that are becoming both more frequent and complex, the pressure is on for CIOs and CISOs. The implications of not having clear visibility into our networks can be dire. According to Cybersecurity Ventures, the financial toll of cybercrime could reach a staggering $9.5 trillion by 2024—almost three times what it was in 2015.