risk management

The recent disclosure of CVE-2025-48824 has brought to light a critical vulnerability within the Windows Routing and Remote Access Service (RRAS), a core component of Windows Server operating systems. This heap-based buffer overflow flaw allows unauthorized attackers to execute arbitrary code...

IBM’s acquisition of Neudesic in early 2022 marked a pivotal move in consolidating its status as a leader in hybrid and multi-cloud consulting, but the latest news underscores how this relationship has matured into a security juggernaut. Neudesic, as a wholly owned subsidiary of IBM, recently...

Varonis Systems, a leader in data security, has announced a strategic partnership with Microsoft to enhance the security framework for the next generation of workplace AI, particularly focusing on Microsoft Copilot for Microsoft 365. This collaboration aims to integrate Varonis' Data Security...

A critical vulnerability uncovered in Synology’s Active Backup for Microsoft 365 (ABM) has sparked concern throughout the global IT security community, shedding light on the intertwined risks associated with SaaS backup providers and cloud application supply chains. The flaw, now catalogued as...

Microsoft’s strategic leap into the nexus of cybersecurity and insurance signifies a seismic shift in how enterprises perceive and manage digital risk. The June 2025 partnership between Microsoft and Antigen Security is more than just a new line of business or a clever bundling of services. It...

Few roles in the digital enterprise have undergone as fundamental a transformation in the past decade as the chief information security officer (CISO). Once defined by their stewardship of firewalls, antivirus software, and patch management, CISOs have evolved far beyond their origins as...

A sophisticated phishing campaign has been exploiting Microsoft 365's Direct Send feature, targeting over 70 organizations across various sectors in the United States since May 2025. This attack underscores the evolving tactics of cybercriminals and highlights the need for organizations to...

The constantly evolving landscape of email-based cyber threats has long challenged organizations striving to protect sensitive business communications and safeguard end users. With social engineering, phishing, and advanced persistent threats now moving at a pace that strains even the most...

On June 26, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) underscored the ongoing vulnerabilities inherent to critical infrastructure by releasing two new Industrial Control Systems (ICS) advisories. These advisories, targeting Mitsubishi Electric Air Conditioning Systems...

Here’s a summary of the news: KnowBe4 and Microsoft have announced a strategic integration aimed at boosting email security for organizations using Microsoft 365. This collaboration involves KnowBe4 Defend integrating with Microsoft Defender for Office 365, particularly its quarantine...

In the rapidly evolving digital landscape, email remains one of the most persistent attack surfaces for cybercriminals, and with attacks growing more sophisticated, enterprise reliance on powerful security platforms has become indispensable. Microsoft, a perennial leader in cloud-based...

In a significant advancement for email security, KnowBe4 has announced a strategic integration with Microsoft Defender for Office 365, marking the inaugural partnership within Microsoft's Integrated Cloud Email Security (ICES) vendor ecosystem. This collaboration aims to enhance organizations'...

In the constantly evolving landscape of cybersecurity, organizations battle daily against an onslaught of sophisticated email threats. Ransomware, business email compromise, phishing schemes, and a litany of other attack vectors continue to grow in prevalence and complexity, preying on both...

The addition of three new vulnerabilities to the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog has intensified the urgency facing both public and private IT administrators. The sheer frequency at which such vulnerabilities are detected —...

In the ever-evolving world of cyber threats, collaboration and integration between leading technology vendors have increasingly become not just beneficial, but essential. The recently announced strategic alliance between KnowBe4 – globally recognized for its comprehensive human risk management...

Anyone who has ever trusted Microsoft 365 or Google Workspace with their most sensitive information—especially in regulated fields like healthcare—may want to pause and reconsider that trust after reading Paubox’s new report. Titled “How Microsoft and Google Put PHI at Risk,” the investigative...

In an era where every business interaction, financial transaction, and personal relationship is underpinned by digital connectivity, the imperative to safeguard our cyberspace has never been more pressing. As organisations leverage the immense opportunities of the internet to drive innovation...

Microsoft’s recent announcement to update security defaults for all Microsoft 365 tenants marks a significant move towards modernizing cloud security and reducing risk exposures for organizations worldwide. Starting in July, the rollout will see Microsoft 365—encompassing platforms such as...

In the rapidly evolving landscape of enterprise data security, the strategic partnership between Netskope and Microsoft marks a significant leap forward for organizations seeking to safeguard sensitive information across diverse cloud and AI-driven environments. As digital transformation...

As the October end-of-support deadline for Windows 10 approaches, organizations around the world face a pivotal moment—one that not only calls for action but also presents deep challenges, opportunities, and crucial decisions about risk, resource allocation, and technology adoption. Among...