By b328cabadd620e9eeb96502345549129_cc_2214•July 21, 2025
What Just Happened

On July 21, 2025, Microsoft confirmed widespread active exploitation of a critical zero-day vulnerability in on-premises SharePoint Server (not affecting SharePoint Online/Microsoft 365). Hackers have leveraged this under-the-radar flaw, CVE-2025-53770 (and related CVE-2025-53771), to compromise approximately 75 servers, including those at U.S. government agencies and leading companies.

Why It Matters

- Remote Code Execution & Spoofing: The attackers gain deep access by impersonating trusted sources, potentially enabling full server takeover.
- High Stakes: Exploits targeting mission-critical infrastructure mean that once accessed, attackers can exfiltrate data, deploy malware, or disrupt services.
- Not Just Theory, It’s Happening: With at least 75 servers confirmed breached, this is no drill.

What Microsoft Is Doing

- Emergency Patches Issued (July 8, 2025): Security updates released for SharePoint Server 2019 and Subscription Edition under KB5002741, KB5002751, and related KBs.
- Fixes Still Pending: Patches for SharePoint Server 2016 expected soon, as of now, they're unavailable.
- Recommended Defensive Actions: Apply patches immediately. If patching isn't possible, disconnect vulnerable servers from the internet or enable advanced malware protection.

Timeline of Key Events

- January–May 2025: Microsoft patched several SharePoint vulnerabilities (CVE-2025-21344, CVE-2025-30382, CVE-2025-49701, and others). These included remote code execution (RCE) and spoofing flaws that hinted at deeper risks within on-prem environments.
- July 8, 2025: As part of Patch Tuesday, Microsoft released emergency security updates for SharePoint Server 2019 and Subscription Edition (KB5002741, KB5002751). These updates addressed a newly discovered zero-day vulnerability, CVE-2025-53770, being actively exploited in the wild.
- July 21, 2025: Microsoft publicly confirmed that at least 75 servers had been breached using this flaw. The attackers leveraged spoofing to gain deep access, triggering widespread concern in both government and private sectors. A patch for SharePoint Server 2016 is still pending at this time.

Immediate Mitigation Steps

- Patch Immediately:
  - On-prem SharePoint 2019: Install KB5002741.
  - Subscription Edition: Install KB5002751.
- Isolate If You Can’t Patch: Remove public access or enable robust malware scanning.
- Monitor & Audit: Keep an eye on logs for unusual activity or spoofed traffic.
- Plan 2016 Update: Track Microsoft’s upcoming 2016 patch and be ready to deploy once available.

Broader Patch Landscape

July 2025’s Patch Tuesday tackled 132–137 security flaws across Windows, Office, SQL Server, and SharePoint, including another publicly disclosed zero-day in SQL Server (CVE-2025-49719). While only one zero-day involved SharePoint this month, the sheer volume and severity of bugs underline the importance of timely patch management.

Final Take

This isn’t a drill, an actively exploited zero-day in SharePoint Server demands urgent action.

Your top priorities:

- Patch immediately if you're running on-prem SharePoint 2019 or Subscription Edition.
- Isolate vulnerable systems if patching isn’t yet possible.
- Stay alert for forthcoming patches for 2016.

Thinking Ahead

- Ensure robust change control, backup validation, and incident response readiness.
- Consider internal segmenting of SharePoint servers and stricter access policies.
- Stay informed: This may not be the last critical vulnerability in SharePoint this year.
By b328cabadd620e9eeb96502345549129_cc_2214•July 10, 2025
When you’re running a business, every decision you make should reflect professionalism, security, and compliance. Yet one of the most common mistakes we see, especially among small businesses, is using a free Gmail account (like yourbusiness@gmail.com) for business communications. It might seem harmless, but if you care about protecting your data, building trust, and staying compliant with industry regulations, it’s a risky move.

Here’s why using a Gmail account for business is a bad idea and why it could actually cost you.

1. It’s Not Professional

Perception matters. Customers, vendors, and partners take you more seriously when your email address matches your domain name (e.g., you@yourcompany.com). A free Gmail address comes across as amateurish or temporary, and that’s not the message you want to send if you’re handling sensitive data, insurance, healthcare, or financial services.

2. It’s Not Secure Enough for Business Use

While Gmail includes decent security for personal users, it lacks critical business-grade protections unless you're using Google Workspace or another secure platform designed for business such as Microsoft 365. With a standard Gmail account, you don’t get:

- Administrative control over who can access what,
- Security policies like enforced 2FA or device management,
- Advanced threat protection tailored for business environments,
- Activity logging and audit trails.

If an employee’s Gmail account is compromised, there’s no central control to shut it down or revoke access. That’s a huge risk.

3. It’s a Compliance Nightmare

If you operate in a regulated industry, like finance, insurance, healthcare, or legal, you’re likely subject to regulations like HIPAA, FINRA, GLBA, or others. A personal Gmail account isn’t compliant with those standards. Here’s why:

- No signed Business Associate Agreement (BAA) from Google unless you use a paid Workspace account with the right plan,
- No data loss prevention (DLP) or archiving controls,
- No eDiscovery or retention policies,
- No centralized user management or access revocation,
- No encryption assurances for compliance-grade protection.

Even if you think you’re just emailing “simple stuff,” the law may still consider it protected or sensitive data. And ignorance is no excuse in the event of a breach, audit, or class action lawsuit.

4. You Don’t Own the Account

If an employee creates a Gmail account like yourbusiness@gmail.com, they control it, not you. If they leave, they could walk away with all your customer emails, files, and contacts. There’s no way to reclaim or shut down the account unless you’re using a business-grade email system with proper user controls.

5. You Need a Business-Grade Email Platform, Set Up and Secured by Professionals

Business email isn't just about sending and receiving messages, it’s about protecting your organization from threats, maintaining compliance, and presenting a trustworthy image to clients. That’s why you need a business-grade email solution that’s not just purchased but also properly configured, secured, and monitored.

When you partner with us, you get far more than just email:

- Professionally hardened Microsoft 365 environment,
- Ongoing security monitoring and proactive threat response,
- Phishing protection and anti-malware filtering,
- User access controls and compliance-ready policies,
- Ongoing support from a team that specializes in securing business communications.

This isn’t something you “set and forget.” It takes expertise and continuous oversight to ensure your email system isn’t the weakest link in your cybersecurity posture.

Final Thoughts: Free Email Isn’t Free, It’s a Liability

Using a personal Gmail account may seem easy, but it leaves your business exposed on all fronts, security, compliance, and reputation. If you rely on email for business (and who doesn’t?), then it’s time to treat it like the mission-critical asset it is. That means using a secure, business-class email platform and trusting professionals to manage and monitor it the right way.

Let’s get your email system secured, compliant, and working for you, not against you. Reach out today and we’ll help you do it right from day one.
By b328cabadd620e9eeb96502345549129_cc_2214•July 8, 2025
Disclosure & Patch Status

- Publicly disclosed on July 8, 2025, as part of Microsoft’s July Patch Tuesday.
- Affects SQL Server 2016, 2017, 2019, and 2022 (various x64 builds prior to the July 8, 2025 cumulative updates).
- Fixed in the July 2025 cumulative security updates, such as KB5058713 for SQL Server 2019 and KB5058721 for SQL Server 2022.

Vulnerability Description

This vulnerability is categorized as Improper Input Validation (CWE-20). A flaw in how SQL Server handles crafted network input can allow an attacker to retrieve uninitialized memory, which may contain sensitive information such as connection strings, login credentials, or internal schema data.

Attack Characteristics

- Access Vector: Remote (network)
- Authentication Required: No
- User Interaction Required: No
- Privileges Required: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
- CVSS v3.1 Score: 7.5 (High)
- Exploitability: Less likely (per Microsoft), but proof-of-concept code is already public

Risk & Impact

An unauthenticated remote attacker can exploit this vulnerability to extract sensitive data from memory. While the attack is passive (it doesn't directly alter or destroy data), the leakage of credentials or internal configurations can lead to significant compromise, including further lateral movement within the environment or targeting of dependent applications.

Mitigation & Remediation

- Apply the July 2025 security updates:
  - SQL Server 2022: KB5058721
  - SQL Server 2019: KB5058713
  - SQL Server 2017: KB5058714
  - SQL Server 2016: Apply the latest GDR or CU from July 2025
- Update OLE DB drivers to version 18 or 19
- Restrict SQL Server network exposure to only trusted hosts and segments
- Monitor logs for unusual login attempts or memory-related errors (e.g., error 701, 17803)
- Rotate any credentials or connection strings potentially exposed
- Enforce network segmentation and least-privilege access to minimize impact

Summary

CVE-2025-49719 is a high-severity vulnerability in Microsoft SQL Server that allows unauthenticated attackers to extract memory content remotely. While classified as “less likely” to be exploited, the availability of public proof-of-concept code means organizations should prioritize patching, restrict access to database servers, and monitor for suspicious activity.
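
The log-monitoring step above can be scripted against the SQL Server ERRORLOG. The following is an added example, not code from the original post or from Microsoft: it counts errors 701 and 17803 (named in the post) plus 18456, SQL Server's standard "Login failed" error (added here as an assumption), and flags clients that produce a burst of connection errors. The function names, thresholds and sample log lines are constructed for illustration.

```python
"""Triage a SQL Server ERRORLOG for the errors the advisory says to watch."""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# 701 and 17803 come from the advisory; 18456 ("Login failed") is an addition.
WATCHED = {701, 17803, 18456}
CONNECTION_ERRORS = {17803, 18456}  # their message line carries [CLIENT: ...]

HEADER = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+\S+\s+"
    r"Error: (?P<num>\d+), Severity: \d+, State: \d+\.")
CLIENT = re.compile(r"\[CLIENT: ([^\]]+)\]")

# Constructed sample in the usual ERRORLOG layout (not real log data).
SAMPLE_ERRORLOG = """\
2025-07-09 03:13:58.02 spid9s      Starting up database 'tempdb'.
2025-07-09 03:14:01.10 Logon       Error: 18456, Severity: 14, State: 8.
2025-07-09 03:14:01.10 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2025-07-09 03:14:03.41 Logon       Error: 18456, Severity: 14, State: 5.
2025-07-09 03:14:03.41 Logon       Login failed for user 'admin'. Reason: Could not find a login matching the name provided. [CLIENT: 203.0.113.7]
2025-07-09 03:14:06.93 Logon       Error: 18456, Severity: 14, State: 8.
2025-07-09 03:14:06.93 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2025-07-09 03:14:09.77 Logon       Error: 17803, Severity: 20, State: 13.
2025-07-09 03:14:09.77 Logon       There was a memory allocation failure during connection establishment. Reduce nonessential memory load, or increase system memory. The connection has been closed. [CLIENT: 203.0.113.7]
2025-07-09 03:14:10.05 spid61      Error: 701, Severity: 17, State: 123.
2025-07-09 03:14:10.05 spid61      There is insufficient system memory in resource pool 'default' to run this query.
2025-07-09 09:02:11.30 Logon       Error: 18456, Severity: 14, State: 8.
2025-07-09 09:02:11.30 Logon       Login failed for user 'app_svc'. Reason: Password did not match that for the login provided. [CLIENT: 10.0.0.15]
"""


def parse_events(lines):
    """Yield (timestamp, error_number, client) for each watched error.

    The error number sits on a header line; the message text, and for
    connection errors the [CLIENT: ...] tag, is on the line after it.
    """
    lines = list(lines)
    for i, line in enumerate(lines):
        m = HEADER.match(line)
        if not m or int(m["num"]) not in WATCHED:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        message = lines[i + 1] if i + 1 < len(lines) else ""
        c = CLIENT.search(message)
        yield ts, int(m["num"]), (c.group(1) if c else None)


def triage(lines, burst=3, window=timedelta(seconds=60)):
    """Count watched errors and list clients with >= burst connection
    errors (17803 or 18456) inside any sliding window of the given length."""
    counts = Counter()
    per_client = defaultdict(list)
    for ts, num, client in parse_events(lines):
        counts[num] += 1
        if num in CONNECTION_ERRORS and client:
            per_client[client].append(ts)
    noisy = set()
    for client, stamps in per_client.items():
        stamps.sort()
        for i in range(len(stamps) - burst + 1):
            if stamps[i + burst - 1] - stamps[i] <= window:
                noisy.add(client)
                break
    return {"counts": dict(counts), "noisy_clients": sorted(noisy)}


if __name__ == "__main__":
    print(triage(SAMPLE_ERRORLOG.splitlines()))
```

Real ERRORLOG files are typically UTF-16 encoded, so open them with `encoding="utf-16"` before passing the lines to `triage`.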
In today’s digital world, healthcare organizations like dental offices, chiropractic clinics, and small medical practices are prime targets for cybercriminals. While many believe that using HIPAA-compliant software is enough to keep patient data secure, the truth is that compliance does not equal security.

At ABT Solutions, we help healthcare providers go beyond basic compliance and implement real-world protection against the growing threats facing the industry. Here’s why that matters now more than ever:

1. HIPAA Is Only the Starting Point

HIPAA sets important rules for safeguarding patient data, but it was never designed to stop modern ransomware, phishing, or nation-state-level threats. Compliance ensures that you meet a baseline requirement, but that does not mean your systems are secure.

Cybercriminals do not care if your software meets HIPAA standards. They are looking for weaknesses they can exploit. If they find one, they will not hesitate to lock your systems, steal your records, or disrupt your entire practice.

2. Small Healthcare Practices Are a Big Target

Many small healthcare providers think they are too small to be attacked. Unfortunately, that is exactly what makes them appealing to hackers. You store valuable data such as patient records, insurance details, and billing information, and attackers know that small clinics often have weaker defenses.

ABT Solutions provides the kind of cybersecurity protection that is typically reserved for large enterprises, but customized to meet the needs and budget of smaller offices.

3. Downtime Can Be Disastrous

If your systems were locked down today, how long could your practice operate without access to your scheduling, billing, or patient records? A cyberattack can halt operations for days or even weeks. The cost of recovery, legal liability, and lost patient trust can be overwhelming. It is far more affordable to prevent a breach than to recover from one.

4. Cyber Insurance Now Requires More Than HIPAA Compliance

Insurance providers have raised their standards. To qualify for cyber insurance or even to maintain your policy, you now need more than HIPAA compliance. Many providers now require:

- Multi-factor authentication (MFA)
- Endpoint detection and response (EDR)
- Email encryption
- Around-the-clock monitoring
- Timely system updates and patches
- Security training for employees

If you are missing any of these, your insurance may not cover you in the event of an attack.

5. We Make Cybersecurity Simple and Affordable

At ABT Solutions, we are passionate about helping healthcare practices stay safe from cyber threats. Our services include:

- Secure email and encryption
- Managed endpoint protection
- 24/7 monitoring by real cybersecurity experts
- Firewall and network security
- Employee security training
- Safe remote access for telehealth
- Reliable backup and recovery solutions

We do more than just meet compliance requirements. We help build confidence and true resilience for your organization.

Final Thoughts: Don’t Wait Until It’s Too Late

If your practice uses digital records, email, or internet-connected tools, you are already a potential target. HIPAA compliance is a good starting point, but it will not protect you from the wide range of threats that exist today.

Let’s build a cybersecurity plan that fits your clinic. We even offer a free introductory risk assessment to help you understand your current security posture. Reach out to ABT Solutions and let us help you stay ahead of the threats that could put your practice at risk.
If your business still runs on Windows 10, time is running out. Ignoring this deadline could cost you more than just a few updates.

What’s Happening?

Microsoft has announced that Windows 10 will reach its official End of Life (EOL) on October 14, 2025. This means there will be no more security patches, no bug fixes, and no support. For businesses, this is more than a routine update. It is a major compliance and cybersecurity concern.

Why It Matters for Business Owners

If your company is still using Windows 10, here is what you need to know:

No More Security Updates Means Increased Risk
Once Microsoft stops releasing security updates, Windows 10 machines become easy targets for hackers. Even with antivirus and firewalls in place, outdated systems leave doors wide open for cybercriminals.

Compliance Violations
Businesses that fall under regulations like HIPAA, PCI-DSS, or FINRA must stay compliant. Running unsupported operating systems often breaks those standards, potentially resulting in fines, legal action, or loss of certifications.

Higher Costs in the Future
Delaying the upgrade might feel convenient now, but it will likely cost more later. Older hardware may need to be replaced, software could break, and emergency IT fixes are often more expensive than a planned upgrade.

Software Compatibility Issues
As developers move on from Windows 10, your critical business software may stop working or lose support. This could create serious disruptions to your operations.

What You Need to Do Now

Audit Your Devices
Create an inventory of all systems still using Windows 10. Identify which ones are eligible for upgrade and which need to be replaced.

Plan and Budget Accordingly
You do not need to upgrade everything at once, but you do need a clear plan. Spreading the cost over the coming months can reduce the financial impact.

Partner with a Trusted IT Provider
A knowledgeable IT partner (like us) can help manage the upgrade process, ensure compliance, and keep your business secure throughout the transition.

The Bottom Line

Continuing to use Windows 10 after support ends is not just a technical risk. It is a serious business liability. As a responsible business owner, protecting your data, your customers, and your operations should be a top priority.

This is more than an IT update. It is a matter of protecting your business future. Don’t wait until a cyberattack or audit forces your hand.

Contact us today to schedule a Windows 10 upgrade assessment and make sure your business stays protected.
By b328cabadd620e9eeb96502345549129_cc_2214•July 1, 2025
Whether you're a small business, a municipality, or a large enterprise, if you're still running Microsoft Exchange Server 2016 or 2019, there's a major deadline looming: October 14, 2025 - End of Life.

After this date, Exchange 2016 and 2019 will no longer receive security updates, patches, or support from Microsoft. And if you're on something older? You're already living dangerously.

Let’s break down why continuing to use Exchange after EOL (end of life) is one of the riskiest moves ANY business can make.

1. No Security Patches = You’re a Sitting Duck

Once Microsoft ends support, any new vulnerabilities in Exchange will go unpatched, FOREVER. That means:

- Hackers can exploit known and unknown bugs without resistance.
- Your business email becomes an easy target for ransomware, phishing, and data theft.
- Past Exchange vulnerabilities like ProxyLogon and ProxyShell were exploited within hours, and these were while still under support.

Imagine what happens when nobody’s watching your back.

2. You’re Likely Violating Compliance, Even If You Don’t Know It

Running outdated, unsupported software often puts you out of compliance with:

- Cyber liability insurance policies
- Industry standards (like HIPAA, CJIS, PCI-DSS, FTC Safeguards, etc.)
- State and federal cybersecurity laws

Most businesses don't realize that insurance claims can and WILL be denied if you're running unsupported systems. One missed update could be the difference between protection and a six to seven figure recovery bill.

3. You’re a Target, Even If You’re Small

There’s a dangerous myth that only big companies get hacked. This is simply NOT true. Hackers don’t discriminate; they automate. They scan the internet looking for:

- Open ports
- Known vulnerabilities
- Outdated systems (like unsupported Exchange servers)

And when they find one? They don’t knock, they walk right in. In fact, 60% of small businesses go out of business within six months of a major cyberattack. Don’t assume you’re too small to be on someone’s radar.

4. No Microsoft Support = You're On Your Own

After EOL (end of life):

- Microsoft won't help you, even if your mail server crashes.
- Third-party tools (antivirus, backup, monitoring) may stop supporting your version.
- If something breaks, there’s no one to call.

Your email is too mission-critical to rely on hope.

What Should You Do?

You have two responsible paths forward:

Migrate to Exchange Online (Microsoft 365)

- Cloud-hosted, secure, and always updated
- Reduces your maintenance and infrastructure costs
- Adds built-in resilience

Upgrade to Exchange Server Subscription Edition (SE)

- Released in July 2025
- Subscription-based model (no more perpetual licenses)
- In-place upgrade possible from Exchange 2019 CU15
- Keeps email on-prem for businesses with strict compliance needs

If You Must Delay, Do This Immediately

If you're not ready to migrate or upgrade yet:

- Remove internet access to your Exchange server
- Implement advanced threat protection and endpoint detection (EDR)
- Enforce multi-factor authentication
- Test your backups and disaster recovery plans
- Schedule a penetration test to find your weak spots

But be clear: these are short-term bandaids, not solutions.

Final Thoughts

Email is the gateway to your business. It's where invoices go out, credentials are stored, contracts are sent, and operations are coordinated. Leaving it running on unsupported software is a disaster waiting to happen.

Are you getting the gist? Every business needs to take cybersecurity seriously—now. Whether you're a city government, school district, hospital, insurance firm, manufacturing plant, CPA firm, law office, healthcare provider, construction company, retail chain, nonprofit, financial institution, and the list goes on, the need for cybersecurity applies to you. If your organization uses email, stores sensitive data, or simply wants to stay in business, cybersecurity isn't optional.

The clock is ticking. The longer you wait, the higher the risk, and the fewer options you’ll have when something goes wrong. Don't be the next breach headline. Be the one who acted early.

If you're not sure where to begin, we can help you evaluate your options and move toward a secure, supported future, whether that’s cloud or on-prem. Reach out today. Before a hacker does.
Too many businesses still treat IT like a one-time setup. They install antivirus software, put in a firewall, and assume they’re good to go. But cybersecurity doesn’t work like that and neither does technology. Tools left unattended become outdated fast, and what once protected you can turn into a wide-open door for hackers.

Take a look at some of the biggest breaches in recent years. Many of them weren’t the result of sophisticated attacks, they happened because of missed software updates or forgotten systems. In fact, a study by the Ponemon Institute found that 60% of breaches could have been avoided with timely patching alone.

If you don’t have a dedicated IT team keeping everything maintained and monitored, you’re taking a risk every day. Unpatched vulnerabilities, expired antivirus, old user accounts, misconfigured firewall rules, and backups that no one’s tested. These are the cracks that attackers look for.

Not sure if your IT is on autopilot? If you can’t remember the last time your systems were updated, if your antivirus says “up to date” but hasn’t been checked since 2022, or if your backups have never been tested, it’s time for a reality check.

Proper IT maintenance includes regular security patching, ongoing monitoring, monthly health reports, vulnerability scanning, and routine access reviews. It’s not flashy, but it’s what keeps your business safe and running.

That’s exactly what we do. At ABT Solutions, we provide fully managed IT and cybersecurity services, taking the burden off your shoulders and making sure your business is protected around the clock. We start with a free vulnerability assessment, where we’ll uncover exactly what’s going on behind the scenes.

Cybersecurity isn’t something you can “set and forget.” If it’s been a while since you had a real look under the hood, now’s the time.

Reach out today and let’s make sure your defenses are where they need to be — before a hacker decides to find out for you.
Hackers are now exploiting a social engineering tactic called “ClickFix” to trick users into downloading malware right onto their machine. These fake alerts appear credible and convince users to bypass security measures, putting your accounts and data at serious risk.

If you are a current customer and we provide you with cybersecurity services:

We’re actively improving your security defenses and looking for any indication of attack in your network. We also want to take this time to educate your team to recognize these fake alerts. If you receive a suspicious message urging you to “fix” your account or system, please contact us before taking action. Below is an example of what you might see on your screen in this kind of attack.

If you are not an ABT Solutions customer or do not purchase cybersecurity from us, here’s how we can help:

Our team can help implement enhanced security measures, provide user awareness training, and ensure your team can recognize these increasingly convincing social engineering attacks. I’d like you to click the link below to receive a free vulnerability assessment showing how we can improve your security and reduce the risk of social engineering attacks like ClickFix.

Here is a link to schedule a vulnerability risk assessment: Click Here

Let’s work together to ensure your organization is protected from this rising threat.

Dedicated to keeping you secure,
Braden A. Lampe