Fortinet VPN Credential Compromise and Leak 10 September, 2021 Event Summary Threat actors have obtained and leaked almost 500,000 Fortinet VPN credentials, including user names and passwords.  They were able to obtain these credentials via

Atlassian Confluence Server and Data Center RCE Vulnerability 3 September, 2021 Executive Summary Atlassian Confluence and the U.S. Cyber Command have issued a security advisory regarding an OGNL injection vulnerability that exists in multiple versions

Microsoft Azure Cosmos DB Primary Key Exposure 27 August, 2021 Executive Summary Microsoft has disclosed an issue in their flagship Azure Database, Cosmos DB.  Wiz Research Security’s research team discovered the ability to access the

“ProxyShell” & “ProxyLogon” Patch Reminder Patch Notice Summary Security On-Demand’s Threat Recon Unit is issuing a patch reminder for vulnerabilities that exist in Microsoft Exchange servers.  We have previously reported on these patches and recommend

2021 Mid-Year Phishing Report Authored by Joel Garcia, Cyber Security Operator III at Security On-Demand As the world re-opens and employees make the transition back to some normalcy, scammers remain hard at work to score

  Out with IP, In with DNS for Security Operations DNS is a critical protocol for the success of security operations. It contains valuable indicators that identify malicious activity such as malware command and control,