Botnets Continue to Target Aging D-Link Vulnerabilities
FortiGuard Labs recently noticed that attackers still use and deliver two different botnets via D-Link exposing a HNAP interface weakness. Learn more.
Threat Campaign Spreads Winos4.0 Through Game Application
FortiGuard Labs reveals a threat actor spreads Winos4.0, infiltrating gaming apps and targeting the education sector. Learn more.
New Campaign Uses Remcos RAT to Exploit Victims
See how threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious acts.
Fortinet FortiManager CVE-2024-47575 Exploited in Zero-Day Attacks
On Wednesday, October 23, 2024, security company Fortinet published an advisory on CVE-2024-47575, a critical zero-day vulnerability affecting their FortiManager network management solution. The vulnerability arises from a missing authentication for a critical function [CWE-306] in the FortiManager fgfmd daemon that allows a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. The vulnerability carries a CVSS v3 score of 9.8.
Fortinet releases patches for undisclosed critical FortiManager vulnerability - Help Net Security
Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited.
Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA
A case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). This incident is a prime example of how threat actors chain zero-day vulnerabilities to gain initial access to a victim’s network. Learn more.
Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024
It affected (before patching) all currently-maintained branches, and recently was highlighted by CISA as being exploited-in-the-wild. This must be the first time real-world attackers have reversed a patch, and reproduced a vulnerability, before some dastardly researchers released a detection artefact generator tool of their own. /s At watchTowr's core, we're all about identifying and validating ways into organisations - sometimes through vulnerabilities in network border appliances - without requiring such luxuries as credentials or asset lists.
Fortinet suffers third-party data breach affecting Asia-Pacific customers - Cyber Daily
International cyber security giant Fortinet has disclosed that it has suffered a data breach.
Exploiting CVE-2024-21412: A Stealer Campaign Unleashed
FortiGuard Labs has observed a stealer campaign spreading multiple files that exploit CVE-2024-21412 to download malicious executable files. Read more.
Multiple flaws in Fortinet FortiOS fixed
Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue.
Menace Unleashed: Excel File Deploys Cobalt Strike at Ukraine | Fortinet Blog
FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. Learn more.
New “Goldoon” Botnet Targeting D-Link Devices
FortiGuard Labs discovered the new botnet “Goldoon” targeting D-Link devices through related vulnerability CVE-2015-2051.
Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability
If you use FortiClientLinux, update immediately. Critical vulnerability could let attackers run code on your system. Patch now, get the details here.
Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors
Cyble analyzes the increasing incidences of vulnerabilities in Fortinet, highlighting the impact they have on Critical Infrastructure.
Chinese hackers infect Dutch armed forces network with malware
A Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices, according to the Military Intelligence and Security Service (MIVD) of the Netherlands.
Info Stealing Packages Hidden in PyPI
An info-stealing PyPI malware author was identified discreetly uploading malicious packages.