PoC Exploit Published for Unpatched Mitel MiCollab Vulnerability

December 6, 2024 at 06:38AM WatchTowr warned of an unpatched vulnerability in the Mitel MiCollab platform, allowing attackers to access restricted resources. Over 16,000 instances are affected, with an arbitrary file read flaw requiring admin authentication to exploit. Mitel has released patches for related vulnerabilities and recommends users update to the latest version. **Meeting Takeaways:** … Read more

Secrets Exposed: Why Your CISO Should Worry About Slack

September 3, 2024 at 03:42AM Summary: Secrets, like API keys and passwords, pose a significant risk when accidentally shared in collaboration tools. Machine identities now outnumber human identities, and secrets are found not only in code but also in tools like Slack and Jira. Integrating platforms like GitGuardian for real-time monitoring and training teams on … Read more

Google Workspace rolls out multi-admin approval feature for risky changes

April 10, 2024 at 03:20PM Google is introducing a new Workspace feature, “multi-party approvals,” requiring multiple admins to approve high-risk setting changes to enhance security. It aims to prevent unauthorized or accidental modifications while providing a streamlined process for admins. The feature rolls out gradually over two weeks and requires activation in the Security settings. … Read more

Reduce Business Email Compromise with Collaboration

January 18, 2024 at 03:14PM The Trend Micro’s Trend Vision Oneā„¢ platform integrates business email security with collaboration, addressing the increasing need for unified protection. It provides comprehensive threat protection, detection, and response across email, servers, cloud, and network, assisting IT and security teams in managing risks effectively. The solution aims to prevent phishing, ransomware, … Read more

More Than 100 Vulns in Microsoft 365 Tied to SketchUp 3D Library

November 1, 2023 at 07:05PM A recent report from ZScaler’s ThreatLabz revealed that Microsoft 365 has numerous vulnerabilities due to its support for the SketchUp 3D Library. Over a three-month period, ZScaler identified 117 unique vulnerabilities, prompting Microsoft to release patches. However, the fixes were bypassed, resulting in Microsoft temporarily disabling SketchUp support in June … Read more

Securing Modern Enterprises in a Borderless Landscape

October 30, 2023 at 03:08AM The COVID-19 pandemic led to a surge in remote work, prompting organizations to quickly adopt remote collaboration tools. However, ensuring robust security for remote access has been a challenge. To address this, Cisco partnered with Forgepoint Capital, NightDragon, and Team8 to create the 2023 CISO Survival Guide, a framework for … Read more