LinkedIn Carousel - #CyberWeekly Week 6

Dangerous Invitations

Russian hackers spoof Brussels university event to steal Microsoft 365 credentials

Platform: AI-Powered CSV Import

€30K EU Grants for SME Cybersecurity

Fortinet Zero-Day: 3.2M Devices Exposed

Easy Cyber Protection

1/5

Russian hackers spoof Brussels VUB event to steal Microsoft 365 credentials

Russian state-linked threat group UTA0355 impersonated staff from the Centre for Security, Diplomacy, and Strategy at Vrije Universiteit Brussel, sending fake invitations to the "Brussels Indo-Pacific Dialogue."

It bypasses MFA — the Device Code and OAuth phishing techniques don't trigger your usual second-factor prompts, because you're authenticating on a real Microsoft page
It uses rapport-building — attackers first engaged targets in benign conversations via email and WhatsApp before sending the malicious link
Victims expanded the target list — when someone declined the invitation, attackers asked for colleague recommendations. Multiple targets forwarded the invitation to others within their organization
The fake websites looked professional — dedicated domains with polished registration pages that mimicked real-world SSO flows

Full analysis from Volexity → https://www.volexity.com/blog/2025/12/04/dangerous-invitations-russian-threat-actor-spoofs-european-security-events-in-targeted-phishing-attacks/

2/5

Platform Spotlight: Import your asset inventory with AI-powered CSV mapping

You can now import CSV files directly into Easy Cyber Protection — and the AI figures out which columns map to which fields.

Smart CSV import — drop a CSV file into the wiki, and the AI generates a field mapping in seconds. Review it, tweak if needed, then bulk-import all your entities in one click
Browser-based AI — the mapping runs locally using WebLLM. Your data never leaves your browser. No cloud AI, no data sharing, no privacy concerns
Event sourcing architecture — we rebuilt our data layer with a Command → Event → Reactor pattern, so every change is tracked, auditable, and reversible
Unified storage — a new storage abstraction lets you work with local files or server-synced data seamlessly, with cryptographic signing for integrity

Try it now → https://easycyberprotection.com/start

3/5

EU SECURE project offers up to €30,000 for SME cybersecurity

The EU-funded SECURE project — with Belgium's CCB as a consortium partner — opened its first call for proposals on January 28, offering European SMEs grants of up to €30,000 to prepare for the Cyber Resilience Act.

Who can apply: European SMEs that manufacture, import, distribute, or develop products with digital elements within the scope of the CRA
How much: Up to €30,000 per project (50% co-financing)
Deadline: March 29, 2026
How to apply: Through the SECURE platform — simplified, SME-friendly process

Read the CCB announcement → https://ccb.belgium.be/news/secure-1st-open-call-launching-28-january-offering-support-smes-preparing-cyber-resilience-act

4/5

Fortinet FortiCloud SSO zero-day exposes 3.2 million devices

Fortinet confirmed active exploitation of CVE-2026-24858 (CVSS 9.4), an authentication bypass in FortiCloud SSO that allowed any FortiCloud account holder to log into other users' Fortinet devices.

Check for unknown admin accounts — attackers created accounts named "audit", "itadmin", "svcadmin", "backup", and "support" for persistence
Review VPN configurations — unauthorized VPN tunnels may have been created to maintain access
Download and review device configs — attackers exfiltrated full device configurations, potentially exposing network topology and credentials
Apply the latest firmware — even if you patched previous FortiCloud SSO vulnerabilities (CVE-2025-59718/59719), you're still vulnerable to this one

Read the CISA advisory → https://www.cisa.gov/news-events/alerts/2026/01/28/fortinet-releases-guidance-address-ongoing-exploitation-authentication-bypass-vulnerability-cve-2026

5/5

BASF, Dassault Systèmes, and Honeywell breached by same threat actor

On February 3, threat actor "0APT" claimed breaches of three major industrial companies in a single day: BASF (2TB of data), Dassault Systèmes, and Honeywell.

Supply chain exposure — BASF, Dassault, and Honeywell have extensive European supply chains. If you're a supplier, subcontractor, or customer, your data may be in the 2TB+ exfiltrated from these companies
NIS2 supply chain requirements — under NIS2, essential entities must assess and manage cybersecurity risks in their supply chains. These breaches demonstrate exactly why
Single-day, multi-target attacks — the coordinated nature of this breach signals a shift toward industrialized, parallel targeting of entire supply ecosystems

See the February 2026 breach tracker → https://www.breachsense.com/breaches/2026/february/