Scattered Spider Update
The threat actor known as Scattered Spider is in the news again, this time focusing on airlines. But the techniques used by Scattered Spider, social engineering, are still some of the most dangerous techniques used by various threat actors.
https://cloud.google.com/blog/topics/threat-intelligence/unc3944-proactive-hardening-recommendations?e=48754805)
AMI BIOS Vulnerability Exploited CVE-2024-54085
A vulnerability in the Redfish remote access software, including AMI s BIOS, is now being exploited.
https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdf)
https://eclypsium.com/blog/ami-megarac-vulnerabilities-bmc-part-3/)
Act now: Secure Boot certificates expire in June 2026
The Microsoft certificates used in Secure Boot are the basis of trust for operating system security, and all will be expiring beginning June 2026.
https://techcommunity.microsoft.com/blog/windows-itpro-blog/act-now-secure-boot-certificates-expire-in-june-2026/4426856)
The Windows Resiliency Initiative: Building resilience for a future-ready enterprise
Microsoft announced more details about its future security and resilience strategy for Windows. In particular, security tools will no longer have kernel access, which is supposed to prevent a repeat of the Cloudflare issue, but may also restrict security tools functionality.
https://blogs.windows.com/windowsexperience/2025/06/26/the-windows-resiliency-initiative-building-resilience-for-a-future-ready-enterprise/)
