Uncategorized
Situational Awareness Report: CVE-2025-24813 Apache Tomcat RCE
Overview CVE-2025-24813 is a critical Remote Code Execution (RCE) vulnerability affecting Apache Tomcat, a widely used open-source web server and servlet container. This vulnerability enables attackers to upload a malicious serialized payload to a vulnerable server, leading to arbitrary code execution through a deserialization flaw under specific conditions. The recent release of a Proof of…
Read MoreBianLian Data Extortion Group – Updated Advisory
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) have released a joint Cybersecurity Advisory detailing the tactics, techniques, and procedures (TTPs) of the BianLian ransomware and data extortion group. This advisory, updated as of November 20, 2024, provides critical…
Read MoreAre You Using M365 Co-pilot? Beware of Missing Logs and Hidden Costs
Leveraging M365 Co-pilot’s AI capabilities can be transformative for organizations, but recent insights underscore that logging and auditing around Co-pilot aren’t just optional—they’re crucial for maintaining security, compliance, and enabling effective digital forensics. According to Microsoft’s documentation, M365 Co-pilot and its associated services do not automatically enable comprehensive logging by default. This poses critical concerns…
Read More