Cyber Bits · · 1 min read

Cyber Bits: March 11, 2024

Cyber Bits: March 11, 2024

There are no slow weeks in Cyber. This week we’ve seen some additional disclosure from Microsoft, a serious Fortinet flaw and proof that no organization is invulnerable to being breached.

More fallout from Microsoft’s January breach

Links: The Hacker News; Arsetechnica

Following Microsoft’s January breach, the company published an update on March 8th disclosing they had uncovered evidence that the data exfiltrated in January has been used to gain further unauthorized access to their systems and some of their source code repositories.

CISA falls victim to Ivanti vulnerabilities

Links: CNN; The Record

Cybersecurity and Infrastructure Security Agency (CISA) was breached back in February using the widely reported Ivanti vulnerabilities.

Fortinet flaw being actively exploited

Links: Bleeping Computer; Bleeping Computer

A critical Fortinet flaw may impact 150,000 exposed devices, and has been confirmed as being actively exploited by CISA.

Read next

Cyber Bits: November 25
Cyber Bits ·

Cyber Bits: November 25

Welcome to this week's edition of Cyber Bits, where we cover the latest in malware campaigns, advanced persistent threats, data breaches, vulnerabilities in enterprise systems from Fortinet and Palo Alto, and the economic impact of cyberattacks. Here's what you need to know this week:

Cyber Bits: October 21
Cyber Bits ·

Cyber Bits: October 21

In this week's Cyber Bits, Internet Archive faces another breach, Microsoft sets up Azure tenant honeypots, ransomware attacks are using ESET's name, Microsoft may have lost some security logs, and North Korea is targeting companies looking for temporary IT workers.

Cyber Bits: October 14
Cyber Bits ·

Cyber Bits: October 14

In this weeks Cyber Bits, Microsoft deprecates VPN protocols, OpenAI confirms what everyone already knew about bad guys using ChatGPT for malware, SOC teams lament alert fatigue, qualified personnel gaps in cloud and cyber, and how to build cyber resilience for SMB's.