Alberto Invernizzi’s Post

Microsoft Edge WARNING: Update Your Browser NOW. A "Critical" Flaw Lets Hackers Take Over Your PC. (Here's the 2-Minute Fix). Read the full report on - https://lnkd.in/eRVGW7SH

I just saw the news, Red Hat got hit by a breach. A group called Crimson Collective apparently accessed their consulting GitLab and pulled a massive amount of data, about 570GB from 28,000 repos. Even some big names like IBM, Siemens, Verizon, and the NSA were caught up in it. Red Hat says they’ve contained it and that their core products are safe, but honestly… if a company like that can get hit, it’s a good reminder for the rest of us. Might be worth taking a minute today to: • Revisit who actually has access to your code (hint: if someone hasn’t contributed in 90+ days, should they still have access?) • Make sure you’ve got secret detection AND mitigation in place • Take a real look at your security logs, not just skim them Nobody ever thinks it’ll happen to them, until it does.

$AR9 - archTIS (ASX:AR9) announced the release of NC Protect for Microsoft 365 Version 9 (V9), the most advanced iteration of its flagship data-centric security software focused on safeguarding sensitive information across Microsoft environments. Read more: https://lnkd.in/gucCWZXm #AR9 $ARHLF #ASX Daniel Lai Andrew Burns Miles Jakeman Marcus Thompson, AM, PhD Kurt Mueffelmann Irena Mroz Gerard Foley Kevin Coppins

archTIS (ASX:AR9) announced the release of NC Protect for Microsoft 365 Version 9 (V9), the most advanced iteration of its flagship data-centric security software focused on safeguarding sensitive information across Microsoft environments. Read more: https://lnkd.in/gucCWZXm #AR9 $ARHLF #ASX Daniel Lai Andrew Burns Miles Jakeman Marcus Thompson, AM, PhD Kurt Mueffelmann Irena Mroz Gerard Foley Kevin Coppins

archTIS stands with the data custodians who carry the risk. NC Protect v9 locks down Microsoft 365 at the data layer with ABAC, a visual policy builder, Spirion powered discovery, and tight alignment with Defender and Purview. The practical uplift sensitive and classified environments need now. #DataSecurity #ZeroTrust #ABAC #Microsoft365 #Defence #ClassifiedData #GovTech

Bold warning: Federal networks risk full takeover. “We see remote code execution that sticks after reboot,” said an insider. Holy sh-t moment: Cisco ASA zero-days let attackers control networks invisibly. Lessons to learn: - Emergency Directive 25-03 orders immediate patching. - F5 flaws let attackers steal creds and move laterally. - GeoServer and Windows SMB vulnerabilities exploited widely. - Sophisticated nation-states target U.S. tech supply chains. - New laws force contractors to disclose vulnerabilities. This isn’t normal patching. It’s about stopping your network from becoming a puppet. Want the step-by-step? Comment “SYSTEMS.” ⚡

💼✨ Empowering Businesses with Data Security! Today at our business networking meet, I shared insights on how Windows 10 BitLocker keeps your business data encrypted, protected, and accessible only to you. 🔐 In today’s digital world, data security isn’t just an option — it’s a responsibility. At Vintech Computers, we’re proud to help businesses stay one step ahead with smart, secure, and reliable tech solutions. 💻 #VintechComputers #DataProtection #WindowsSecurity #BitLocker #Windows10 #CyberSafety #TechForBusiness #SecureYourData #BusinessGrowth #NetworkingSuccess

You can’t talk about security without talking about Microsoft. Check out some of ProArch’s most-read resources on getting Microsoft security right: 🔗Microsoft 365 E5 Security Add-On: E5 Security Without the E5 Price Tag: https://hubs.la/Q03PHkms0 🔗Microsoft 365 Licensing E3 vs. E5: Top 5 Security Differences: https://hubs.la/Q03PHkd10 🔗5 Things You Must Do to Improve Microsoft 365 Security: https://hubs.la/Q03PHcQQ0 #MicrosoftSecurity #Microsoft365Security

I’m pleased to share that the November 2025 Microsoft Secure Future Initiative (SFI) progress report is now available. The Secure Future Initiative reflects our ongoing commitment to strengthen security across how we design, build, test, and operate our products and services. Security is a shared responsibility, and we recognize it’s a continuous journey—not a one-time destination. Find the latest update on the progress we made in the latest report here: https://lnkd.in/etJRb3Fh To help our customers improve their own security, we highlight 10 SFI patterns and practices customers can follow to reduce their risk. Find the information here: https://aka.ms/SFIPnp #Microsoft #MicrosoftSecurity #SFI

CVE of the Week: Bio-Fox! 🦊 CVE-2025-58726 is a Windows SMB Server Elevation of Privilege vulnerability. It stems from improper access control and can let an authenticated attacker elevate privileges over the network. While exploitation typically requires a multi-step, complex chain (e.g., Kerberos/SPN edge cases), the impact is serious on domain environments once the chain succeeds. Exploiting this vulnerability could result in: - Lateral movement and privilege escalation inside Windows domains. - Unauthorized access to sensitive data and potential DC takeover paths. Recommended actions: 1. Apply Microsoft’s October 2025 security update 2. Enforce SMB signing and enable Extended Protection for Authentication (EPA): Ensure SuppressExtendedProtection=0. If you cannot immediately update, reduce exposure with our mitigation script, available for free: https://lnkd.in/gDHTiEJH Let us know if you need help securing your systems or understanding these steps further 🗣️ Thanks Andrea Pierini for the research! 🤝