Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A newly discovered exploit, “ToolShell,” is fueling a wave of targeted attacks against on-premises Microsoft SharePoint servers. The zero-day exploit chains two vulnerabilities—CVE-2025-53770, a remote code execution (RCE) vulnerability and CVE-2025-53771, a spoofing vulnerability that allows attackers to bypass authentication. When combined, this critical zero-day vulnerability gives attackers persistent unauthenticated remote access to on-premises SharePoint servers.

Aligning with the Australian Government’s Information Security Manual (ISM) and the Essential Eight (E8) remains a foundational step for organizations working with or alongside government agencies. Trustwave’s Essential Eight Control Effectiveness Assessment is a great first step, but relying solely on compliance as a goal can leave security programs stagnant.

That was the message from major UK retailers like Marks & Spencer and the Co-op during recent Parliamentary hearings on cyber resilience. Their stories weren’t hypothetical, they were recovering from real-world incidents involving identity compromise, supply chain breaches, and operational disruption that cost hundreds of millions of pounds. The lesson is clear. Prevention is necessary, but it is no longer enough.

Being alert to ransomware is nothing new. Ransomware can wreak havoc and often cause permanent damage to endpoints, unless effective recovery processes are in place. Many ransomware operators attempt to delete shadow copies and other recovery methods, which makes redundancy in recovery essential. However, the situation becomes even more serious with the emergence of microcode ransomware.

Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes in two stages: an initial first-stage loader, followed by a second-stage infostealer. NPM is the package manager for the Node.js JavaScript platform, which allows developers to share and manage JavaScript libraries and tools.

Contingency planning is the process of determining how to respond to disruptive events. Most organizations are so dependent on IT resources, and most IT resources are so complex, interdependent, and attack prone, that contingency planning is essential to enable organizations to mitigate the likelihood, impact, and duration of disruptions to IT systems.

In this article In 2025, the role of the Chief Information Security Officer (CISO) and compliance leadership has become even more critical in ensuring that risk assessments are not only comprehensive but also agile and adaptive. Artificial Intelligence (AI) has emerged as a transformative force in cybersecurity, enabling risk assessments to be automated, more accurate, and proactive.

In this article Chief Information Security Officers (CISOs) face a dual imperative in the digital landscape of today: safeguarding their organizations from an ever-evolving threat landscape while managing escalating security costs. Artificial Intelligence (AI) offers transformative potential in meeting these challenges by automating threat detection, streamlining compliance, and optimizing resource allocation.

Unauthorized access, insider threats, and privilege misuse can all lead to significant data breaches, and often, the root of the problem lies in how privileged accounts are managed. That’s why controlling privileged access is a top security priority for organizations of all sizes. Two common approaches to managing privileged access are Privileged User Management (PUM) and Privileged Access Management (PAM).

The Arctic Wolf Labs team has identified a new campaign by cyber-espionage group Dropping Elephant targeting Turkish defense contractors, specifically a manufacturer of precision-guided missile systems. The campaign employs a five-stage execution chain delivered via malicious LNK files disguised as conference invitations sent to targets interested in learning more about unmanned vehicle systems.