Strondex

The Strondex Blog

Recent security incidents in plain English — what happened, and the specific controls that would have changed the outcome. Written for the people who have to answer for it.

Vulnerability

FortiBleed: 75,000 Firewalls, and the One Control That Stops It

A credential-harvesting campaign exposed admin and VPN logins on tens of thousands of Fortinet firewalls across 194 countries. Here's how it worked — and why your cyber insurer asks about MFA on remote access.

June 19, 2026

Breach Analysis

The Canvas Breach: When Your Vendor Gets Hacked, You're Still on the Hook

ShinyHunters breached the Canvas learning platform twice in two weeks, hitting thousands of schools. The lesson for every business: your data lives in vendors you don't control — and your insurer knows it.

June 19, 2026

Breach Analysis

Charter, a Phone Call, and 13 Million Records: The Vishing Playbook

No malware, no zero-day — just a phone call and missing phishing-resistant MFA. How ShinyHunters walked into a telecom giant, and what underwriters now expect you to have in place.

June 19, 2026