Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Every update to One Identity Active Roles is made in response to feedback from our customers. From adapting to improve usability or streamlining administration processes, our product development is always centered around solving the nuanced problems IT teams face every day. We’re excited to share the five recent updates we’ve made to Active Roles, including.

Kubernetes has transformed how we deploy and manage applications. It gives us the ability to spin up a virtual data center in minutes, scaling infrastructure with ease. But with great power comes great complexities, and in the case of Kubernetes, that complexity is security. By default, Kubernetes permits all traffic between workloads in a cluster. This “allow by default” stance is convenient during development, and testing but it’s dangerous in production.

On July 23, 2025, Mitel released fixes for a critical authentication bypass vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE, a communication platform used for enterprise voice and collaboration services. The vulnerability allows unauthenticated remote threat actors to gain unauthorized access to publicly exposed Mitel voice systems and access user or administrator accounts due to improper access controls.

The adage ‘an ounce of prevention is better than a pound of cure’ applies to AppSec vulnerability management. Traditionally, AppSec has focused on a reactive ‘curing flaws’ paradigm, identifying and fixing vulnerabilities after they have occurred. However, the never-ending escalation between threats and security leads to alert fatigue and security debt.

On July 23rd the notorious Russian-language hacking forum XSS.is was seized by French law enforcement agencies. Interestingly, just a few hours before the takedown, Cyberint, now a Check Point Company researchers were informed by “Loki,” a well-known moderator on BreachForums, that one of XSS’s admins had allegedly been arrested by the French. This follows a series of actions by French authorities, who have arrested BreachForums admins over the past few months.

Hats off to the great work the community and industry has done regarding the “ToolShell” attack against Microsoft’s On-Premise SharePoint servers. The goal of this article is to build on that great work and help Sumo Logic customers with on-prem SharePoint servers investigate and identify evidence within their environments.

ISO 27001 is a widely used standard for protecting the security of organizations across sectors and their data through comprehensive controls. While it’s beneficial for virtually any industry, organizations in the healthcare sector often find it especially valuable. ‍ This is because they’re often subject to extensive but vaguely defined regulations, and ISO 27001 provides the structured approach to compliance they need.

It’s no news that Jira Automation Rules (JAR) sit at the center of how teams choose to streamline work. They triage requests and escalate incidents. At the same time, they keep systems running smoothly without requiring human intervention. For teams managing ITSM, DevOps, and cross-functional service operations, these rules are operational logic with many conveniences.

Founded by Dr. Daniel Talley in 1905, the Radiology Associates of Richmond is one of America's oldest private radiology practices. RAR has since been at the forefront of advanced diagnostic, interventional services, and medical imaging. The institution spans seven hospitals and four outpatient centers in central Virginia. RAR has 62 board-certified radiologists, and the practice specializes in breast imaging, neuroradiology, and vascular interventions.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Ooooo this is going to get messy.