Kay Farr - SeraBrynn Cyber Security & Compliance

Trusted Cybersecurity & Compliance Advisors | FedRAMP 3PAO & CMMC C3PAO

12/08/2025

Cross-Site Scripting allows attackers to inject malicious code into trusted websites.
Visitors believe they are safe, but their data and trust are at risk.

Why it matters: XSS exploits harm both users and your reputation.
What to do: Encode outputs, validate inputs, and deploy web application firewalls.
Compliance impact: CMMC and FedRAMP audits check for XSS vulnerabilities.

Would your website pass an XSS test today?

12/08/2025

Raging spyware and social engineering attacks have prompted CISA to update its definitive guidance. More ⤵️

10/27/2025

🚨 Hackers Can Steal Microsoft Teams Chats & Emails Using “Access Tokens”

Security experts found a new trick hackers are using to break into Microsoft Teams accounts — and from there, they can read your chats, emails, and even company files on SharePoint.

🧠 What’s happening

Hackers don’t need your password for this.
Instead, they grab something called an “access token.”
Think of an access token like a digital key that tells Microsoft, “Hey, this person is already logged in — let them through.”

If hackers get that token, they can pretend to be you inside Teams, Outlook, or SharePoint.

💻 How they steal the tokens

When you use Teams, it saves login data (including tokens) on your computer.

That data is protected by Windows security features.

But researchers found that hackers can find the encryption key Microsoft Teams uses to protect those tokens.

With that key, hackers can unlock the tokens and use them as if they were you.

Researchers even built a proof-of-concept tool (in the Rust programming language) to show how easy it is to automate this.

🔓 What hackers can do with stolen tokens

Once they have them, hackers can:
• Read and send Teams messages as you
• Access your emails and shared files
• Pretend to be you in chats to trick coworkers
• Spread through the company network quietly

Since it looks like the real user doing these things, it’s hard for security systems to notice.

🛡️ How companies can protect themselves

• Use endpoint protection tools that can spot strange activity on devices
• Watch for weird or unexpected use of the Teams API (the system that talks to Microsoft servers)
• Teach employees to be careful with suspicious links or downloads
• Keep Windows and Teams fully updated and run modern antivirus software

In short:
Hackers can hijack Microsoft Teams accounts by stealing hidden “login tokens” from a user’s computer. Once they do, they can spy on chats and emails or impersonate people at work — all without needing passwords.

Source: https://gbhackers.com/hackers-steal-microsoft-teams-chats-emails/

10/16/2025

SeraBrynn team at CS5 in DC! If you're there, stop by and say hi.

10/09/2025

Most cyber incidents start with one weak password. Don’t let it be yours.

Here’s what works:
• Use long passphrases
• Turn on multi-factor authentication
• Rotate passwords often

Your accounts protect more than just data. They protect your contracts, your reputation, your business.

If you’re ready to build stronger identity security, talk with us today.

10/09/2025

October is Cybersecurity Awareness Month. Here’s your quick checklist:
✔️ Strong passwords
✔️ Train your staff
✔️ Update your software
✔️ Back up your files

Small steps today save big headaches tomorrow.
Need help building a plan for your business? Send us a message.

10/08/2025

Most contractors are not ready for CMMC Level 2. That is exactly why our CEO Jeff Farr spoke at DattoCon 2025 today with other industry leaders, Max Pruger, Brian Hubbard, and Rob Edwards, to share the real lessons that make the difference between passing and failing.

The deadlines are closing in. Do not wait until it is too late. Book a call with Sera Brynn today and get the expert guidance you need to secure your compliance and your contracts.

10/08/2025

Google Unveils AI-Powered Ransomware Defense for Drive

On September 30, 2025, Google announced a new AI-powered ransomware detection feature for Google Drive for Desktop. This tool monitors file changes that resemble ransomware behavior—such as mass encryption or sudden extension changes—and automatically pauses file syncing to prevent further damage.

The AI model is trained on millions of ransomware samples and works by identifying destructive file modifications, not necessarily confirming an active infection. Once suspicious changes are detected, syncing stops, and users receive alerts to restore safe versions of the files.

This "trap" acts in the middle phase of ransomware attacks—after malware bypasses antivirus protections but before widespread damage occurs. It complements existing antivirus and backup solutions.

The feature is currently in beta and is expected to be generally available by the end of 2025 for Business Standard and higher-tier users, at no extra cost.

Additional Context:

Ransomware groups are shifting from encryption to extortion tactics, as companies improve backup/restoration capabilities.

Despite this, ransomware attacks remain on the rise, with a 67% increase in victims listed by ransomware gangs in H1 2025 compared to the same period in 2024.

Experts praise Google’s approach as a simple but effective way to protect common file types, though affected machines still need to be cleaned manually.

Source: https://www.itbrew.com/stories/2025/10/02/monitoring-file-changes-google-announces-ai-powered-ransomware-trap-for-drive
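
The file-change monitoring described in the Google Drive post above (mass encryption, sudden extension changes, then pausing sync) can be expressed as an entropy-and-rename burst heuristic. This is an added example, not Google's model or code from the original post; the event fields, thresholds, and sample events are assumptions constructed for illustration.

```python
import math
import os
from collections import Counter, deque

WINDOW_SECONDS = 10    # assumed sliding window
BURST_THRESHOLD = 5    # assumed count of suspicious changes that pauses sync
ENTROPY_LIMIT = 7.0    # bits per byte; encrypted data approaches 8.0

def shannon_entropy(data: bytes) -> float:
    """Bits per byte of the sample; 0.0 for empty input."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())

def is_suspicious(event: dict) -> bool:
    """Extension changed and the new content looks like ciphertext."""
    old_ext = os.path.splitext(event["old_path"])[1].lower()
    new_ext = os.path.splitext(event["new_path"])[1].lower()
    return old_ext != new_ext and shannon_entropy(event["sample"]) >= ENTROPY_LIMIT

def monitor(events):
    """Return (paused_at, files_to_restore); paused_at is None if sync never pauses."""
    recent = deque()  # suspicious events still inside the window
    for event in sorted(events, key=lambda e: e["ts"]):
        if not is_suspicious(event):
            continue
        recent.append(event)
        while event["ts"] - recent[0]["ts"] > WINDOW_SECONDS:
            recent.popleft()
        if len(recent) >= BURST_THRESHOLD:
            return event["ts"], [e["old_path"] for e in recent]
    return None, []

def constructed_events():
    """Constructed sample: two ordinary saves, then a burst of encrypt-and-rename."""
    ciphertext = bytes(range(256)) * 4        # stand-in for encrypted bytes (entropy 8.0)
    text = b"quarterly report draft " * 40    # low-entropy plain text
    events = [
        {"ts": 0, "old_path": "a.docx", "new_path": "a.docx", "sample": text},
        {"ts": 3, "old_path": "notes.txt", "new_path": "notes.md", "sample": text},
    ]
    for i in range(6):
        events.append({"ts": 100 + i, "old_path": f"doc{i}.xlsx",
                       "new_path": f"doc{i}.xlsx.locked", "sample": ciphertext})
    return events
```

The same files changed slowly (one per minute) never fill the window, which is why a burst detector of this kind complements rather than replaces antivirus and backups.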

09/26/2025

🚨 A Popular Call-Recording App Called Neon Just Had a Huge Security Fail

What’s Neon?

It's a viral iPhone app that records your phone calls and pays you.

It sells your recorded calls to AI companies so they can train AI systems.

It became super popular really fast — 75,000 downloads in one day.

What went wrong?

The app had a massive security flaw.

Anyone using the app could easily see and listen to other users' private calls, their phone numbers, and even the transcripts of what was said.

All of this data was just sitting on the internet, unprotected.

How was this found out?

Reporters at TechCrunch tested the app and discovered the issue.

They used a tool to look at how the app talks to its servers.

They found links to other people’s recordings and transcripts just sitting there, ready to be clicked.

What kind of data was exposed?

User phone numbers.

Who they called.

When the call happened and how long it lasted.

Full recordings and transcripts of the calls.

Did Neon tell users?

Not really.

The founder, Alex Kiam, shut the app down after being told about the issue.

He emailed users saying they were pausing to "add more security" — but didn’t mention the leak.

What now?

The app is offline, and it’s unclear if or when it will return.

It's also unclear whether Apple or Google will take any action.

The founder hasn’t said if any data was stolen or who else might’ve found the flaw.

TL;DR:

Neon was a popular app that let you sell your phone calls to AI companies — but it accidentally let any user spy on other users’ private calls. It’s been shut down, but they never warned users their data had leaked.

Source: https://techcrunch.com/2025/09/25/viral-call-recording-app-neon-goes-dark-after-exposing-users-phone-numbers-call-recordings-and-transcripts/

Address

4324 Mapleshade Lane Suite 330
Plano, TX
75093
