• BleepingComputer

The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely. Qili ... Read more

• security.nl

Wereldwijd hebben aanvallers zo'n 17.000 Fortinet-firewalls van een 'symlink-backdoor' voorzien, zo meldt The Shadowserver Foundation op basis van eigen onderzoek. Het aantal waargenomen gecompromitte ... Read more

• Dark Reading

Source: JHVEPhoto via Alamy Stock PhotoNEWS BRIEFAn unnamed threat actor claims that a zero-day vulnerability found within Fortinet's FortiGate firewalls can be exploited remotely, allowing the attack ... Read more

• security.nl

Nederland telt meer dan honderdvijftig gecompromitteerde Fortinet-firewalls, zo stelt The Shadowserver Foundation op basis van eigen onderzoek. De meeste infecties werden in de Verenigde Staten, Japan ... Read more

• Daily CyberSecurity

In an urgent alert to the cybersecurity community, Fortinet has detailed an active threat campaign exploiting known vulnerabilities in FortiGate appliances, highlighting a novel post-exploitation tech ... Read more

• Cyber Security News

Fortinet has uncovered a sophisticated post-exploitation technique used by a threat actor to maintain unauthorized access to FortiGate devices, even after initial vulnerabilities were patched. The dis ... Read more

• TheCyberThrone

The symlink trick is a post-exploitation technique used by attackers to maintain access to Fortinet devices even after initial vulnerabilities have been patched. This exploitation method leverages sym ... Read more

• The Hacker News

Network Security / Vulnerability Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to bre ... Read more

• BleepingComputer

Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was ... Read more

• security.nl

Fortinet waarschuwt klanten voor een nieuwe techniek waarvan aanvallers gebruikmaken en ervoor zorgt dat ze read-only toegang tot FortiGate-firewalls behouden. Volgens het bedrijf maken de aanvallers ... Read more

• Cybersecurity News

A new report from Arctic Wolf Labs reveals a concerning campaign targeting publicly exposed management interfaces on Fortinet FortiGate firewalls. Threat actors exploited vulnerabilities to manipulate ... Read more

• Help Net Security

Fortinet has patched an authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS firewalls and FortiProxy web gateways that has been exploited as a zero-day by attackers to compromis ... Read more

• TheCyberThrone

The MirrorFace Advanced Persistent Threat (APT) group, also known as Earth Kasha, has been linked to a series of cyber-attacks targeting Japan. These attacks have been ongoing since 2019 and have prim ... Read more

• Dark Reading

Source: Birgit Korber via Alamy Stock PhotoThe National Police Agency and the National Center of Incident Readiness and Strategy for Cybersecurity warned Japanese organizations of a sophisticated Chin ... Read more

• BleepingComputer

The National Police Agency (NPA) and the Cabinet Cyber Security Center in Japan have linked a cyber-espionage campaign targeting the country to the Chinese state-backed "MirrorFace" hacking group. The ... Read more

• Cybersecurity News

On January 8, 2025, the Japanese National Police Agency (NPA) issued a critical warning regarding ongoing cyberattacks attributed to the MirrorFace group, also known as “Earth Kasha.” Active since 201 ... Read more

• The Register

The Chinese government's intrusions into America's telecommunications and other critical infrastructure networks this year appears to signal a shift from cyberspying as usual to prepping for destructi ... Read more

• The Hacker News

Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure acces ... Read more

• Cybersecurity News

The Tenable Security Response Team has uncovered critical details about Volt Typhoon, a state-sponsored Advanced Persistent Threat (APT) group linked to the People’s Republic of China. The group has b ... Read more

• Trend Micro

This blog is based on a presentation by the authors at Virus Bulletin 2024. Introduction LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the grou ... Read more

• TheCyberThrone

In a joint cybersecurity advisory, the security agencies across the world have identified the most exploited vulnerabilities of 2023. This advisory, coauthored by the Cybersecurity and Infrastructure ... Read more

• The Register

The cyber security agencies of the UK, US, Canada, Australia, and New Zealand have issued their annual list of the 15 most exploited vulnerabilities, and warned that attacks on zero-day exploits have ... Read more

• Help Net Security

A joint report by leading cybersecurity agencies from the U.S., UK, Canada, Australia, and New Zealand has identified the most commonly exploited vulnerabilities of 2023. Zero-day vulnerabilities on t ... Read more

• Cybersecurity News

In a joint cybersecurity advisory, the top cybersecurity agencies from the United States, Australia, Canada, New Zealand, and the United Kingdom have identified the most exploited vulnerabilities of 2 ... Read more

• The Cyber Express

The FBI, NSA, and allied agencies within the Five Eyes intelligence network have published a list of the 15 most exploited vulnerabilities from 2023. The cybersecurity advisory, a collaborative effort ... Read more

• BleepingComputer

​The FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance have released today a list of the top 15 routinely exploited vulnerabilities throughout last year. A joint advis ... Read more

• security.nl

De Amerikaanse autoriteiten hebben samen met cyberagentschappen uit Australië, Canada, Nieuw-Zeeland en het Verenigd Koninkrijk een overzicht van de meest misbruikte kwetsbaarheden in 2023 opgesteld. ... Read more

• TheCyberThrone

Welcome to TheCyberThrone most exploited vulnerabilities review. This review is for the month of October 2024CVE-2024-21762: Fortinet FortiOS: Out-of-bounds WriteCVSS 3.1 score : 9.8 CISA KEV : Y ... Read more

• BleepingComputer

Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP ad ... Read more

• BleepingComputer

Google Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. Specifically, of the 138 ... Read more

• Help Net Security

A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 days in 2021 in 2022. One re ... Read more

• Google Cloud

Written by: Casey Charrier, Robert Weiner Mandiant analyzed 138 vulnerabilities that were disclosed in 2023 and that we tracked as exploited in the wild. Consistent with past analyses, the majority (9 ... Read more

• cybereason.com

This Threat Analysis Report will delve into a newly discovered nation-state level threat Campaign tracked by Cybereason as Cuckoo Spear. It will outline how the associated Threat Actor persists stealt ... Read more

• The Hacker News

Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various ... Read more