NTLM Relay Attacks: Back from the Dead - and Still Haunting Active Directory

NTLM Relay attacks should be history. Yet in 2025, they remain one of the most effective ways to compromise Active Directory. We first covered this problem back in 2020, when we wrote about a troubling vulnerability that refused to die: NTLM Relay attacks. At the time, many believed NTLM Relay attacks were a relic of the past, an old problem long solved by Kerberos and modern authentication protocols.

Yet Another SMB-Related CVE

CISA has just added a new SMB-related CVE with a very high CVSS rating. CVE-2025-33073 is a high-severity (CVSS 8.8) vulnerability in the Windows SMB client caused by improper access control (CWE-284). An authenticated attacker can exploit it over the network to gain elevated privileges. Microsoft has issued guidance on how it should be patched, and CalCom recommends that this be done immediately.

New SMB Vulnerability opens door to privilege escalation

On September 9, 2025, Microsoft released details of CVE-2025-55234, a critical vulnerability in the Windows Server Message Block (SMB) protocol. With a CVSS v3 score of 8.8, it’s classified as High severity and poses a serious elevation-of-privilege (EoP) risk. An attacker exploiting this flaw could launch a relay attack, allowing them to gain the privileges of a legitimate user without elevated permissions or insider access.

Oracle Linux Server Hardening

Server hardening’s core principle is, “unnecessary functionality compromises security.” Adopting Linux should greatly simplify the process. No matter which flavor of Linux you choose to run, hardening your servers should be the same process; once you know one, you know them all. When it comes to Oracle Linux Server Hardening, what works for Red Hat or CentOS should continue to work. In theory, yes, but in practice, there are significant differences that could make or break your project.

FFIEC Sunsets The Cybersecurity Assessment Tool (CAT)

The Federal Financial Institutions Examination Council (FFIEC) retired its Cybersecurity Assessment Tool (CAT) on August 31, 2025. This self-assessment resource, used by financial institutions to gauge cybersecurity risk and readiness, won’t be updated going forward. The FFIEC launched CAT in 2015 to help organizations measure their exposure to risk and assess their cyber preparedness.

NCUA and FFIEC Cybersecurity Regulations and Server Hardening

The National Credit Union Administration (NCUA) was created to insure and regulate the industry. Under the Federal Code of Regulations, Part 748, each federally insured credit union is required to develop a security program within 90 days of the effective date of insurance. To ensure that credit unions comply with federal cybersecurity requirements, the NCUA collaborates with the Federal Financial Institutions Examination Council (FFIEC) to set examination standards.

HIPAA, HITRUST, CSF, And Server Hardening Part 1

Suppose you are an experienced IT professional or consultant working in the private sector. You get a new job working in the US Healthcare industry. On starting your new job, you learn about the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and the consequences of failure to comply with it. As an IT professional, you understand that a crucial component of mitigating cyber threats is to implement server hardening, but how does this relate to HIPAA?