Threat Intelligence for Exposure Management: How TI Powers Smarter CTEM Programs

Your security team has access to more vulnerability data than ever before. Scanners produce thousands of findings each week. Threat feeds deliver a steady stream of indicators. Yet most organizations still struggle with the same fundamental problem: deciding what to fix first. The disconnect...

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

watchpost Local threat intelligence database. Aggregates data...

3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026

Beyond the direct impact of cyberattacks, enterprises suffer from a secondary but potentially even more costly risk: operational downtime, any amount of which translates into very real damage. That's why for CISOs, it's key to prioritize decisions that reduce dwell time and protect their company...

EUVD-2024-54606

Malicious code in bioql PyPI...

CVE-2024-54020

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests...

CVE-2024-54020

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests...

CVE-2024-54020

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests...

CVE-2024-54020

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests...

CVE-2024-54020

CVE-2024-54020 affects Fortinet FortiManager. A missing authorization in FortiManager versions 7.2.0–7.2.1 and 7.0.0–7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests. Root cause: lack of authorization checks when updating global threat feeds. ...

PT-2025-23066 · Fortinet · Fortimanager

Name of the Vulnerable Software and Affected Versions: Fortinet FortiManager versions 7.0.0 through 7.0.7 Fortinet FortiManager versions 7.2.0 through 7.2.1 Description: A missing authorization in Fortinet FortiManager may allow an authenticated attacker to overwrite global threat feeds via craft...

Building a Robust Threat Intelligence with Wazuh

Threat intelligence refers to gathering, processing, and analyzing cyber threats, along with proactive defensive measures aimed at strengthening security. It enables organizations to gain a comprehensive insight into historical, present, and anticipated threats, providing context about the...

CVE-2022-39948

An improper certificate validation vulnerability CWE-295 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a...

Protect

An improper certificate validation vulnerability CWE-295 in FortiOS and FortiProxy may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds when the latter are...

ARTIF - An Advanced Real Time Threat Intelligence Framework To Identify Threats And Malicious Web Traffic On The Basis Of IP Reputation And Historical Data.

ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputation and historical data. It also performs automatic enrichment and threat scoring by collecting,...

ThreatIngestor - Extract And Aggregate Threat Intelligence

An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing worflow with SQS, Beanstalk, and custom plugins. Overview ThreatIngestor can be configured to watch Twitter, RSS feeds, or other sources,...

Osweep - Don't Just Search OSINT, Sweep It

If you work in IT security, then you most likely use OSINT to help you understand what it is that your SIEM alerted you on and what everyone else in the world understands about it. More than likely you are using more than one OSINT service because most of the time OSINT will only provide you with...

TIH: The Open Source Threat Intelligence Hunter

PenTestIT RSS Feed The primary purpose of threat intelligence is to help you understand the risks of threats, such as zero-days, advanced persistent threats APTs and exploits. But how do you do that on a large scale in an automated manner? You now have a solution in TIH, the Threat Intelligence...

Fully Integrated Defense Operation: FIDO

Fully Integrated Defense Operation Fully Integrated Defense Operation FIDO plays a important role in the defense of the Netflix corporate network. The premise of FIDO is simple… each year companies are receiving an ever increasing amount of security related alerts. Instead of hiring more analyst ...

Open Source OpenSOC Security Analytics Framework Released

Cisco announced today that it has made available through open source a framework that integrates data analytics tools into security operations. “The OpenSOC framework helps organizations make big data part of their technical security strategy by providing a platform for the application of anomaly...

Microsoft Interflow Information-Sharing Platform Preview Open

Much like the Year of PKI that has never come to be, information sharing has been one of security’s more infamous non-starters. While successful in heavily siloed environments such as financial services, enterprises industry-wide are hesitant to share threat and security data for fear of losing a...