Data Suggests It’s Time to Rethink Cloud Permissions

Blog

Byadmblake February 20, 2025

Excessive privileges and visibility gaps create a breeding ground for cyber threats.

Blog

Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail

Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as…

Read More Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail
Blog

⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More

A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined…

Read More ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
Blog

Proof of Concept for Microsoft Word RTF Font Table Heap Corruption (CVE-2023-21716) Released

Update 3/14 – Coverage section updated with available IPS signature.FortiGuard Labs is aware of a new proof of concept released over the weekend for CVE-2023-21716 (Microsoft Word Remote Code Execution Vulnerability).Patched in the February Microsoft Monthly Security Release, CVE-2023-21716 is a vulnerability within Microsoft Office’s wwlib which allows attackers to achieve remote code execution on…

Read More Proof of Concept for Microsoft Word RTF Font Table Heap Corruption (CVE-2023-21716) Released
Blog

Ivanti CSA (Cloud Services Appliance) zero-day Attack

What is the Attack?Attackers are actively exploiting multiple zero-day vulnerabilities affecting Ivanti CSA (Cloud Services Appliance) that could lead an attacker to gain admin access, bypass security measures, run arbitrary SQL commands, and execute code remotely.In a recent incident response engagement, FortiGuard Incident Response (FGIR) services were engaged where an advanced adversary was observed exploiting…

Read More Ivanti CSA (Cloud Services Appliance) zero-day Attack
Blog

Multiple ZTNA Products Authentication Bypass

What is the Vulnerability?A series of critical vulnerabilities affecting leading zero trust platforms – Zscaler, Netskope, and Check Point (Perimeter 81) – have been disclosed following a seven-month research campaign by security researchers David Cash and Richard Warren. These flaws include authentication bypasses, privilege escalation, and hardcoded credentials, significantly weakening the core security assumptions of…

Read More Multiple ZTNA Products Authentication Bypass
Blog

Is the Middle East’s Race to Digitize a Threat to Infrastructure?

As the region continues with its ambitious road map, cybersecurity must be woven into every step of the process.

Read More Is the Middle East’s Race to Digitize a Threat to Infrastructure?

Related