July 9th, 2025 Security Briefing with IANS Faculty ⁠Wolfgang Goerlich⁠ and ⁠Jessica Hebenstreit⁠

This Episode Details:

• SEC and SolarWinds Make a Deal: The U.S. Securities and Exchange Commission (SEC) and SolarWinds have reached a preliminary agreement to settle the high-profile lawsuit stemming from the 2020 cyberattack.
• Instagram Rotating Certificates Daily: Earlier this year, the CA/Browser Forum agreed to drastically reduce the lifespan of public certificates (Ballot SC081v3). The agreed upon enforcement schedule is 398 days in 2025, 200 days starting in 2026, 100 days starting in 2027, and 47 days starting in 2029.
• IT Supplier the Latest Ransomware Victim: Ingram Micro found itself grappling with a ransomware incident that took key internal systems offline just as the July 4 holiday weekend began. While details remain thin and statements tight-lipped, what’s emerging looks like a familiar but increasingly frustrating playbook: Attackers leveraged credential-based access to a Palo Alto GlobalProtect VPN, moved laterally, and escalated privileges.

With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.