Intro
There are no slow weeks in Cyber. This week we’ve seen some additional disclosure from Microsoft, a serious Fortinet flaw and proof that no organization is invulnerable to being breached.
More fallout from Microsoft’s January breach
Links:
The hacker news
Arsetechnica
Following Microsoft’s January breach, the company published an update on March 8th disclosing they had uncovered evidence that the data exfiltrated in January has been used to gain further unauthorized access to their systems and some of their source code repositories.
CISA falls victim to Ivanti vulnerabilities
Links:
CNN
The Record
Cybersecurity and Infrastructure Security Agency (CISA) was breached back in February using the widely reported Ivanti vulnerabilities.
Foritnet flaw being actively exploited
Links:
Bleeping Computer
Bleeping Computer
Critical Fortinet flaw may impact 150,000 exposed devices, and has been confirmed as being actively exploited by CISA.