#incident-response

#incident-response

Fortinet has warned that a new security flaw in FortiWeb has been exploited in the wild. The medium-severity vulnerability, tracked as CVE-2025-58034, carries a CVSS score of 6.7 out of a maximum of 10.0. It has been addressed in version 8.0.2. "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands," the company said.

Among the benefits, tabletop exercises simulate a real-life attack so firms can put incident response plans to the test, including decision-making processes, communications and technical measures. When done well, tabletop exercises can expose blind spots and help response teams "build the muscle memory needed to act fast when the real thing hits", says Adam Harrison, managing director in the cyber security practice at FTI Consulting. So what types of tabletop exercises are available and how can you use them in your business?

It's really important to go back to just the cybersecurity basics. Are you using multi-factor authentication? Are you training your staff and employees at all levels to not click that link? Are you patching your systems? Do you have good monitoring software and applications that are monitoring your network even when you're sleeping?

"The worst feeling in the world is to be in the middle of an incident and realize that it would be a great thing that you could do to resolve that incident, if only a tool had been built before, right? So it'd be great if you figure that out before you get into that incident, and then you have the tool ready to go. "

Ribbon supplies software, IP, and optical networking systems to telecoms service providers, businesses, and critical infrastructure organizations including BT, Verizon, CenturyLink, Deutsche Telekom, and Tata, as well as public-sector bodies such as the US Defense Department and the City of Los Angeles. In a with the US Securities and Exchange Commission (SEC), the company has revealed that "unauthorized persons, reportedly associated with a nation-state actor" had gained access to its network in December 2024.

Regulations such as the General Data Protection Regulation (GDPR) and the Australian Prudential Regulation Authority's (Apra's) CPS 230 standard have led organisations to become "really obsessed" with the 72-hour notification window following a data breach, according to Shannon Murphy, global security and risk strategist at Trend Micro.

Following last week's announcement about a security incident involving a third-party customer service provider, we want to address inaccurate claims by those responsible that are circulating online. First, as stated in our blog post, this was not a breach of Discord, but rather a third-party service we use to support our customer service efforts. Second, the numbers being shared are incorrect and part of an attempt to extort a payment from Discord.

The truth is, these teams are working on the same event. They're just seeing it from different angles. If they aren't connected, response becomes fragmented and valuable time gets lost. Connecting the Dots in Real Time This is where a unified approach to critical event management makes a real difference. It's not about layering on more tools. It's about connecting the ones already in place and giving people a shared view and a clear process when something goes wrong.

"The preliminary investigation is ongoing, and we are assessing the scope of any concerns and any necessary required remediation," the spokesperson added. "We are in the process of evaluating technical remediation solutions and will act as appropriate. Compliance with the Privacy Act and identifying a solution for this technical problem is critical to the DAF to ensure warfighter readiness and lethality."

When an incident occurs, every second counts. Whether it's a security breach, theft, or an unauthorized access attempt, physical security teams must act quickly to determine what happened, who was involved, and what actions to take next. Digging through hours of footage, manually piecing together evidence, and cross-referencing logs can be slow and cumbersome. But with a modern video management system ( VMS), security teams can streamline investigations, improve response times, and uncover critical insights faster - "supercharging" their investigations.

A new survey confirms what many IT pros already know: downtime doesn't exist, with dashboards and alerts intruding on their free time. More than half of the 616 IT professionals surveyed (52 percent) said they checked dashboards during nights, weekends, or vacations, with 59 percent saying past outages had left them more obsessive about making sure that everything is working. A third of IT pros said they felt compelled to check in at least once an hour.

In complex systems, failure isn't a possibility - it's a certainty. Whether it's transactions vanishing downstream, a binary storage outage grinding builds to a halt, or a vendor misstep cascading into a platform issue, we have all likely seen firsthand how incidents unfold across a wide range of technical landscapes. Often, the immediate, apparent cause points to an obvious suspect like a surge in user activity or a seemingly overloaded component, only for deeper, blameless analysis to reveal a subtle, underlying systemic flaw that was the true trigger.

The leap from chatbot to AI agent is not just about adding automation - it's about architectural transformation, embedding reasoning and action in context.