Blumira Briefings

Podcast Description
Staying on top of security news shouldn't be another full-time job.
Enter Blumira Briefings, our weekly panel series where security experts break down the headlines you might have missed, and explain what they actually mean for your security practice! 🔒
Each week, join a lineup of different Blumira experts (and sometimes special guests!) who will:
- Share the top threats, suspects, and risks we're seeing across our detection and response platform
- Discuss significant security stories and what they mean for YOU
- Provide practical advice you can actually implement right away
- Keep it conversational, informative, and under 30 minutes
Podcast Insights
Content Themes
The show focuses on critical security issues, trending threats, and risk analysis, with episodes discussing topics such as major vulnerabilities in software, breach incidents involving well-known companies, and analysis of specific security tools and methods. For example, the latest episode covers new flaws in VMware Tools and CrushFTP, Check Point's breach confirmation, and the rise of ransomware techniques like BlackSuit.

🔔 Welcome back to Blumira Briefings! Fresh from RSA, we're diving into the week's critical security stories with Mike Toole, Michael Keller, and Jake Ouellette to provide actionable context for IT and security teams. 🔔
What We Cover This Week:
📊 Top trending threats, including suspicious Microsoft 365 activity, Sophos blocked website alerts, and important batch script execution patterns
🔊 “AirBorne” – Wormable AirPlay flaws affecting not just Apple devices but also smart speakers, TVs, and CarPlay systems
🛡️ Two SonicWall vulnerabilities being actively exploited despite patches being available since 2023/2024
🧩 “Bring Your Own Installer” EDR bypass technique used in ransomware attacks against SentinelOne
🪟 Windows RDP session persistence that allows continued access after password changes or account disabling
☁️ Novel privilege escalation technique in Google Cloud Platform using resource tags
💡 Expert Insights On:
– Why attackers consistently use net commands for reconnaissance and how to detect them
– Practical mitigation strategies for AirPlay vulnerabilities, especially for devices that rarely get updates
– The security implications of “wrapper apps” that modify secure messaging platforms
– How to implement stronger cloud access controls to prevent privilege escalation
🔍 QUICK TIP: Check if your organization has RDP directly exposed to the internet – if you do, it's one of the highest risk indicators for a potential breach!
🔗 LINKS:
AirPlay Security Issues: https://thehackernews.com/2025/05/wormable-airplay-flaws-enable-zero.html
SonicWall Vulnerabilities: https://www.securityweek.com/sonicwall-flags-two-vulnerabilities-as-exploited/
EDR Bypass Research: https://www.aon.com/en/insights/cyber-labs/bring-your-own-installer-bypassing-sentinelone
Windows RDP Issue: https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/
GCP Privilege Escalation: https://www.mitiga.io/blog/tag-your-way-in-new-privilege-escalation-technique-in-gcp
Prowler (Cloud Security Tool): https://prowler.com/
SocGholish Malware Analysis: https://www.blumira.com/blog/socgholish-malware-recent-trends-and-effective-detection-strategies
Subscribe for weekly security insights every Friday at 1pm ET!
