Two interesting issues have been uncovered by cybersecurity researchers.
Hackernews article: “New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass”
Phishing campaigns have been observed sending payment receipt-related emails to entice recipients into opening bogus PDF documents containing QR code that, upon scanning, redirects them to Sneaky 2FA pages.
The phishing kit is sophisticated, and one must know about possible phishing attacks to prevent its successful implementation into your network.
and
DarkReading article: “15K Fortinet Device Configs Leaked to the Dark Web”
On Jan. 14, Fortinet disclosed a severe authentication bypass vulnerability in its FortiOS operating system and FortiProxy Web gateway, CVE-2024-55591. For a model of what the aftermath of such a vulnerability could look like, one need only look to a parallel bug from October 2022 that’s still making waves today.
Fortinet, for its part, tried to quell concerns in a security analysis published on Jan. 16. “If your organization has consistently adhered to routine best practices in regularly refreshing security credentials and taken the recommended actions in the preceding years, the risk of the organization’s current config or credential detail in the threat actor’s disclosure is small,” it explained.
As Fortinet mentions, it is imperative to have good security policies in place to prevent attacks even as sophisticated as these two.
Contact to discuss security policies now.