Blumira Briefings

Staying on top of security news shouldn't be another full-time job.

Enter Blumira Briefings, our weekly panel series where security experts break down the headlines you might have missed, and explain what they actually mean for your security practice! 🔒

Each week, join a lineup of different Blumira experts (and sometimes special guests!) who will:

Share the top threats, suspects, and risks we're seeing across our detection and response platform
Discuss significant security stories and what they mean for YOU
Provide practical advice you can actually implement right away

••Keep it conversational, informative, and under 30 minutes

All Episodes

Blumira Briefings

🦔 Blumira Briefings Ep. 12: Critical Trend Micro Fix, TeamFiltration Attacks, NIST Zero Trust Guide

June 20, 2025 • Blumira • Season 1 • Episode 12

🔔 Your essential security briefing is here! This week, Matt Warner, Nick Dixon, and Jake Ouellette join Zoe Lindsey to break down critical developments in cybersecurity with practical context for busy IT and security teams. 🔔

What We Cover This Week:

🔐 Trend Micro patches 6 critical vulnerabilities (CVSS 9.8) in Apex Central and PolicyServer products - and how the deserialization method leveraged to exploit them works

🔍 Over 80,000 Microsoft Entra ID accounts targeted using TeamFiltration - how this pen testing tool is being weaponized by attackers

📘 NIST's new Zero Trust Implementation Guide - less conceptual introductions, with better focus on practical implementation

📊Latest World Economic Forum report shows smaller organizations feel they are approaching cybersecurity breaking point - the panel talks how to get strategic when resources and time are tight

💡 Quick tip of the week: Perform a gap assessment to identify high-impact, low-effort security improvements to prioritize first — evolution, not reinvention is the name of the game!

Plus, Expert Insights On:

Why traditional rate limiting fails against sophisticated password sprays
The usefulness of frameworks to start with the right questions
Strategies for prioritizing security efforts to avoid burnout

🔗 LINKS:

Trend Micro Security Bulletins:

Endpoint Encryption PolicyServer: https://success.trendmicro.com/en-US/solution/KA-0019928
Apex Central: https://success.trendmicro.com/en-US/solution/KA-0019926

NIST Zero Trust Resources:

SP 1800-35: Implementing a Zero Trust Architecture (Final): https://csrc.nist.gov/pubs/sp/1800/35/final
SP 800-207: Zero Trust Architecture (2020 Conceptual Framework): https://csrc.nist.gov/publications/detail/sp/800-207/final

Active Directory Hardening Guide: https://osintteam.blog/%EF%B8%8Factive-directory-hardening-for-enterprise-security-5832b3f75de0

📰 SOURCES:

Trend Micro Critical Vulnerabilities: https://www.bleepingcomputer.com/news/security/trend-micro-fixes-six-critical-flaws-on-apex-central-endpoint-encryption-policyserver

NIST Zero Trust Implementation Guide: https://www.infosecurity-magazine.com/news/nist-zero-trust-implementation/

Microsoft Entra ID TeamFiltration Attacks: https://thehackernews.com/2025/06/over-80000-microsoft-entra-id-accounts.html

Small Orgs Cybersecurity Breaking Point: https://www.csoonline.com/article/4003892/smaller-organizations-nearing-cybersecurity-breaking-point.html