Head Nerds
Segurança

PODCAST: Beyond the Horizon: Salt Typhoon, Microsoft Cloud Logging, Undersea Cable Threats and More… Are You Ready?

In the first of a new series of Cybersecurity News Reviews, Lewis Pope, Head Security Nerd at N‑able, runs down some of the key cybersecurity news and developments that MSPs and CISOs need to be building into their planning. In this January 2025 episode, Lewis dives deep into major topics shaping the cybersecurity landscape, including:

  • Salt Typhoon and other PRC APT group Activities: A recap of compromises, from telecom companies to the US Department of Treasury, and how federal-private sector collaboration is critical in combating these threats.
  • Microsoft Cloud Logging and Advanced Security Playbooks: Why enabling advanced logging in Microsoft E3 and higher licenses is essential for improved incident response and threat detection. 
  • Chrome Browser Extension Hijacking Attacks: The growing risk of malicious browser extensions and steps to secure your organization’s browsing environment.
  • “Living off the Land” RMM Tools: How threat actors exploit legitimate tools for malicious purposes and why monitoring for unauthorized RMM software is a must.
  • Undersea Cable Threats: The risks of cable cuts by nation-state actors like PRC and Russia, their impact on global infrastructure, and the need to integrate these scenarios into your threat modelling.

From actionable recommendations to the latest security playbooks, this episode equips MSPs and IT pros with the insights they need to stay ahead of evolving cyber threats. Resources Mentioned:

· CISA Playbook for Microsoft Cloud Logging: Advanced logging insights for E3 and higher licenses. Download at: www.cisa.gov/resources-tools/resources/microsoft-expanded-cloud-logs-implementation-playbook

· LOLRMM “Living off the Land” RMM List: A resource for identifying legitimate tools that could be misused by threat actors.

NOTE: The Cybersecurity News Review is taken from Lewis’s Monthly Security Office Hours. Office Hours are open to everyone including non-N‑able customers. Click the link if you would like to join or find out more about this this or any of the other N‑able Head Nerd Office Hours.

Disclaimer: This podcast provides educational information about issues that may be relevant to information technology service providers. Nothing in the podcast should be construed as any recommendation or endorsement by N‑able, or as legal or any other advice. The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by N‑able employees are those of the employees and do not necessarily reflect the view of N‑able or its officers and directors. The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N‑able related to any deliverables or timeframe. All content is based on information available at the time of recording, and N‑able has no obligation to update any forward-looking statements. https://www.n-able.com

© N‑able Solutions ULC e N‑able Technologies Ltd. Todos os direitos reservados.

Este documento é fornecido apenas para fins informativos e não deve servir de base para aconselhamento jurídico. A N‑able não oferece nenhuma garantia, expressa ou implícita, nem assume qualquer responsabilidade legal ou responsabilidade pela precisão, integralidade ou utilidade de qualquer informação nele contido.

As marcas N-ABLE, N-CENTRAL e outras marcas registradas e logotipos N‑able são de propriedade exclusiva da N‑able Solutions ULC e da N‑able Technologies Ltd e podem ser marcas legais comuns, registradas ou de registro pendente com o Escritório de Marcas e Patentes dos EUA e com outros países. Todas as outras marcas comerciais mencionadas neste documento são usadas apenas para fins de identificação e são marcas comerciais (e poderão ser marcas registradas) de suas respectivas empresas.