Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Scattered Spider is on the news again – this time they breached Allianz Life.
This week’s headlines range from ransomware-ready flaws to physical CCTV vulnerabilities, cloud outages, insurance data breaches, and unfinished patch jobs. Follow cybersecurity advisor Adam Pilton to find out what were the most important threats of the week and how you can avoid similar attacks.
PaperCut Flaw Actively Exploited by Ransomware Gangs
Ransomware operators are targeting a critical vulnerability in PaperCut print management servers. This flaw lets attackers execute code with admin rights. All it takes is one phishing email or malicious link. And since print servers usually sit deep inside networks, it’s a perfect springboard to launch ransomware or siphon off credentials.
Safety Advice
Patch PaperCut today. The fix has been available since June, but attackers are now actively exploiting unpatched systems. Don’t leave this one sitting on your to-do list.
Microsoft 365 Admin Center Goes Dark Mid-Workday
Microsoft 365 admins had a rough ride when the Admin Center went offline for several hours this week. Tenant administrators couldn’t view service health dashboards, incident tickets, or configuration settings. Essentially, they were flying blind right in the middle of the workday.
Early signs point to issues in Microsoft’s regional service infrastructure, which caused authentication and access failures across multiple tenants.
Safety Advice
Microsoft recommends using alternative URLs, but more importantly: set up a “break glass” account. This means a backup global admin account that signs in through an independent identity provider and can still pull health data from Microsoft’s Public Health API. Build resilience before the next blackout.
Legacy LG CCTV Cameras Are a Physical Security Risk
Hundreds of LG Intersect CCTV cameras — still used in shops and offices — can be taken over by anyone on the local network. A simple upload request grants full control. And the bad news? These models are End-of-Life. No patch is coming.
Safety Advice
If you spot these cameras during a site audit: retire them. If you absolutely must keep them for now, isolate them behind a dedicated firewall with zero outbound access. Then start budget talks for a proper replacement.
1.4 Million Allianz Life Customers Exposed After Vendor Hack
A hacker used social engineering to infiltrate one of Allianz Life’s insurance cloud vendors, exposing sensitive data of most of their 1.4 million U.S. customers. That includes names, addresses, policy details, and even some Social Security numbers. Regulators and class action lawyers are already circling.
Given the tactics and target, this has Scattered Spider written all over it.
Safety Advice
Treat supplier logins with the same level of security as your own. Enforce multi-factor authentication on vendor portals. Log every access. And rehearse breach notification drills that assume it’s your partner — not your core systems — that gets compromised.
Adobe Experience Manager Still Has Two Open Remote Code Flaws
Researchers have uncovered three remote code execution vulnerabilities in Adobe Experience Manager Forms. Only one of them is patched — the other two remain wide open, despite being reported back in April 2025.
These flaws allow attackers to steal files or plant web shells on public-facing servers, often used by banks and government agencies.
Safety Advice
Until Adobe releases full fixes: restrict access to AEM Forms from the external internet. Also, monitor those servers closely for unusual outbound connections. If something looks off, it probably is.
Heads Up: Microsoft Authenticator Is Deleting Stored Passwords
A quick reminder before switching off this Snapshot. Microsoft Authenticator is auto deleting any stored passwords this Friday. If you still rely on it for credentials, move them over to Edge or another password manager ASAP.
If this saved you scrolling through 20 blog posts, keep following us for the next Cyber Snapshot.
If you liked this article, follow us on LinkedIn, Reddit, X, Facebook, and Youtube.
