Situational Awareness Report: CVE-2025-24813 Apache Tomcat RCE

Report: Situational Awareness on Apache Tomcat

Overview CVE-2025-24813 is a critical Remote Code Execution (RCE) vulnerability affecting Apache Tomcat, a widely used open-source web server and servlet container. This vulnerability enables attackers to upload a malicious serialized payload to a vulnerable server, leading to arbitrary code execution through a deserialization flaw under specific conditions. The recent release of a Proof of…

Read More

BianLian Data Extortion Group – Updated Advisory

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) have released a joint Cybersecurity Advisory detailing the tactics, techniques, and procedures (TTPs) of the BianLian ransomware and data extortion group. This advisory, updated as of November 20, 2024, provides critical…

Read More

Are You Using M365 Co-pilot? Beware of Missing Logs and Hidden Costs

Leveraging M365 Co-pilot’s AI capabilities can be transformative for organizations, but recent insights underscore that logging and auditing around Co-pilot aren’t just optional—they’re crucial for maintaining security, compliance, and enabling effective digital forensics. According to Microsoft’s documentation, M365 Co-pilot and its associated services do not automatically enable comprehensive logging by default. This poses critical concerns…

Read More