Blumira Briefings
Staying on top of security news shouldn't be another full-time job.
Enter Blumira Briefings, our weekly panel series where security experts break down the headlines you might have missed, and explain what they actually mean for your security practice! đź”’
Each week, join a lineup of different Blumira experts (and sometimes special guests!) who will:
- Share the top threats, suspects, and risks we're seeing across our detection and response platform
- Discuss significant security stories and what they mean for YOU
- Provide practical advice you can actually implement right away
••Keep it conversational, informative, and under 30 minutes
Blumira Briefings
🦔 Blumira Briefings Ep. 19: Security Wins, Zero Trust Turns 15, Education Beats Ransomware
It was a rare "light week" for major critical updates, giving us a chance to talk about some deeper trends and stories. Here’s what we covered:
📧 Microsoft Exchange 2016/2019 end of support coming in 30 days - migration options and considerations
đź’» NPM supply chain attack limited to minimal damage despite widespread potential impact, attackers made less than $1k
🤖 Microsoft forcing Copilot installation in October - we talk security implications and how to opt-out
🔒 Zero Trust’s quinceañera - can it still help us, or has the term been too “buzzwordified”?
🎓 Education sector's impressive ransomware defense improvements - ransom amounts dropping, and payments dropping even more!
đź’ˇ Quick tip of the week: Try treating every remote device as though it were connecting from an unknown coffee shop network - implement strong network segmentation, SSL everywhere, and posture checks to maintain security regardless of connection location
Plus, Expert Insights On:
- Why some organizations still opt for on-premises Exchange versus cloud alternatives
- The security implications of auto-installing AI tools like Copilot with hard-to-find opt-out options
- How the "Salty2FA" phishing kit demonstrates increasing sophistication in social engineering attacks
- Why positive reinforcement works better than punishment in security awareness programs
- How to leverage education sector successes as examples when advocating for security investments
đź“° SOURCES:
Microsoft Exchange 2016/2019 End of Support: https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-2016-and-2019-reach-end-of-support-in-30-days/
NPM Supply Chain Attack: https://www.bleepingcomputer.com/news/security/hackers-left-empty-handed-after-massive-npm-supply-chain-attack/
Microsoft Copilot Force Install: https://www.bleepingcomputer.com/news/microsoft/microsoft-to-force-install-the-microsoft-365-copilot-app-in-october/
Salty2FA Phishing Kit: https://www.infosecurity-magazine.com/news/salty2fa-phishing-kit/
Education Ransomware Success: https://www.infosecurity-magazine.com/news/ransomware-payments-plummet/
Zero Trust at 15: https://www.securityweek.com/zero-trust-is-15-years-old-why-full-adoption-is-worth-the-struggle/