Flex routing in Copilot: steps to avert a potential privacy risk
Microsoft has recently introduced a feature in Microsoft 365 Copilot called flex routing that affects EU and EFTA customers. The feature allows large language model inferencing to occur outside the EU Data Boundary during periods of peak demand, with the aim of...
Rethinking Detection Engineering: Black Cell’s Detection-as-Code Framework
Detection-as-Code Tools is a repository designed to standardize the creation, validation, and deployment of detection rules across multiple security platforms. Itprovides a structured, automation-ready framework that enables security engineeringteams to manage...
Mobile Security Month: 6 Simple Ways to Reduce Mobile Risk
As smartphones and tablets continue to play a central role in modern work, mobile devices have become a critical part of the enterprise attack surface. From business email and MFA prompts to sensitive applications and cloud access, a compromised device can quickly...
Detection-as-Code Feed – 2026 March
PowerShell Logging Disabled Via Registry Key Tampering Disabling PowerShell logging is one of the most effective ways to reduce defender visibility during an intrusion. Attackers may inspect registry keys, test execution to see what appears in the event logs, and...
Thriving in IT Security: Zsófia’s Black Cell Story
Why did you choose BlackCell? How did you decide you wanted to work here? I wanted to start my career in IT security in an environment where I could gain insight into multiple aspects of the field while continuously developing my skills. It was important for me to be...
The OT Challenge of NIS2: Why OT Require a Different Security Approach
Introduction Cybersecurity frameworks are often designed with modern IT infrastructures in mind, but industrial systems rarely operate under the same assumptions. As organizations across Europe prepare for NIS2 compliance, many are discovering that traditional...
Common Security Gaps We Find in Microsoft 365
We have run several assessments in multiple Microsoft 365 tenants and while every organization has unique needs, the gaps are consistent. Here are the most common security vulnerabilities identified in the initial assessment. Entra ID: Over-Privileged Admins: 80% of...
Introducing Sophos Workspace Protection
Easy, effective, and affordable protection for remote and hybrid workers without the cost and complexity of traditional cloud-delivered stacks. Sophos Workspace Protection is a newly launched security solution designed to help IT teams secure today’s hybrid and...
From Google Redirect to Credential Theft: A Multi-Stage Attack Analysis
Introduction Targeted attacks (APT) no longer threaten only government agencies and critical infrastructure – small and medium-sized businesses are increasingly facing sophisticated attack techniques. Job offer decoy documents, malware distributed through trusted...
