Week 51 of 2024

In this week's Threat Intelligence Briefing

• CVE-2023-34990: Critical FortiWLM Flaw
• CVE-2024-51479: Next.js Authorization Bypass Vulnerability Affects Millions of Developers
• CVE-2024-49112 (CVSS 9.8): Critical Windows LDAP Flaw Puts Networks at Risk of Remote Takeover
• Advisory: Ongoing Phishing Attack Abuses Google Calendar to Bypass Spam Filters
• Advisory: Russian Hackers Use RDP Proxies to Steal Data in MiTM Attacks
• CVE-2024-35250: Windows Kernel Bug Now Exploited in Attacks to Gain SYSTEM Privileges

Brought to you by Joey Vandegrift and Brad Causey, CISSP at SecurIT360

Current State of M365 Attacks

Transforming Your Security: Insights from Coaching a Collegiate Cyber Defense Team