The Everything Feed - All Packet Pushers Pods PP074: News Roundup – Microsoft Dumps Digital Escorts; Palo Alto Bundles Billions Aboard CyberArk
Aug 12, 2025
This week's security news roundup highlights Microsoft’s controversial decision to discontinue a program involving digital escorts in China. The troubling landscape extends to TSMC, where attempts to steal sensitive tech have led to firings. Additionally, Palo Alto Networks shocks the industry with a $25 billion acquisition of CyberArk, stirring discussions about identity management and insider threats. Insights on evolving cyber threats, including social engineering tactics by criminals, reveal the urgent need for robust defenses against these challenges.
AI Snips
Chapters
Transcript
Episode notes
Patch And Rotate Keys For SharePoint
- Patch on-prem SharePoint instances immediately and rotate machine keys after compromise to remove persistence.
- Follow Microsoft's guidance closely because attackers can reuse session tokens even after patches are applied.
Mitigate Active SonicWall Exploits
- Disable SonicWall SSL VPN if possible and apply mitigation controls like blocking known ASNs and enforcing MFA.
- Treat this as an active exploitation incident until the entry vector is identified and patched.
Identity Is Becoming A Core Pillar
- Palo Alto Networks' $25B CyberArk acquisition signals identity/PAM as a strategic pillar, including non-human identities.
- The deal buys scale and legacy customers but also inherits complexity and technical debt to integrate.