InfoSec.Watch - Issue #132

This week’s brief centers on three themes: software supply chain abuse, identity and trust-boundary weakness, and continued pressure on backup and recovery systems.

InfoSec.Watch - Issue #131

This week’s brief centers on three themes: software supply chain abuse, identity and trust-boundary weakness, and backup and recovery plane exposure.

InfoSec.Watch - Issue #130

This week’s brief centers on three themes: software supply chain abuse, Linux privilege escalation risk, and identity and trust-boundary weakness

InfoSec.Watch - Issue #129

This week’s brief centers on three themes: software supply chain abuse, identity and trust-boundary weakness, and backup and recovery plane exposure.

InfoSec.Watch - Issue #128

InfoSec.Watch - Issue #127

Another week, same lesson: control planes and identity surfaces remain high-value attack paths. When SSO introduces alternate authentication flows and MDM sits in front of every device, patching is table stakes. Exposure validation and threat hunting are what actually close the loop.

InfoSec.Watch - Issue #126

This week’s brief is a reminder that identity-adjacent features and device-management control planes are still prime time for exploitation. When SSO becomes an alternate auth path, and MDM sits in front of your mobile fleet, patching is only step one — validation and hunt is step two,

InfoSec.Watch - Issue #125

BridgePay ransomware outage + BeyondTrust pre-auth RCE scanning + a packed KEV week

InfoSec.Watch — Issue #124

This week’s brief is a reminder that identity-adjacent features and device-management control planes are still prime time for exploitation. When SSO becomes an alternate auth path, and MDM sits in front of your mobile fleet, patching is only step one — validation and hunt is step two.

InfoSec.Watch – Issue 123

FortiCloud SSO auth bypass and Ivanti EPMM pre-auth RCE are actively exploited — plus what to hunt for after patching.