If you use FortiClientLinux, update immediately. Critical vulnerability could let attackers run code on your system. Patch now, get the details here.
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
Cyble analyzes the increasing incidences of vulnerabilities in Fortinet, highlighting the impact they have on Critical Infrastructure.
Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM solution.
A Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices, according to the Military Intelligence and Security Service (MIVD) of the Netherlands.
An info-stealing PyPI malware author was identified discreetly uploading malicious packages.
FortiGuard Labs cover the attack phases of three new PyPI packages that bear a resemblance to the culturestreak PyPI package discovered earlier this year. Learn more.
Learn how Bishop Fox built a POC exploit for the pre-authentication remote code injection vulnerability in the Fortinet SSL VPN published by Lexfo.
FortiGuard Labs unmasks IZ1H9 and explores the aggressive exploits in the Mirai-Based DDoS Campaign
In the evolving cybersecurity landscape, understanding the phishing threat has become more critical than ever. Read into a new threat resulting from the addition of a new Top-Level Domain (TLD), '.ZIP'.
FortiGuard Labs encountered recent samples of a DDoS-as-a-service botnet calling itself Condi. It attempted to spread by exploiting TP-Link Archer AX21 (AX1800) routers vulnerable to CVE-2023-1389, which was disclosed in mid-March of this year. Read more.
Affected Platforms: FortiOS
Impacted Users: Targeted at government, manufacturing, and critical infrastructure
Impact: Data loss and OS and file corruption
Severity Level: Critical
Today, Fortinet published a CVSS Critical PSIRT Advisory (FG-IR-23-097 / CVE-2023-27997) along with several other SSL-VPN related fixes. This blog adds context to that advisory, providing our customers with additional details to help them make informed, risk-based decisions, and provides our perspective relative to recent events involving malicious actor activity.
FortiGuard Labs highlights how a digitally signed 3CX desktop app was reportedly used in a supply chain attack against 3CX Voice over Internet Protocol (VoIP) customers. Check back for analysis and coverage updates.
Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs. This vulnerability allows remote code execution as the root user.
In this week's Ransomware Roundup, FortiGuardLabs covers Trigona ransomware along with protection recommendations. Read the blog to find out more.
The FortiGuard Labs team discovered an attack embedded in three PyPI packages called ‘colorslib’, ‘httpslib’, and “libhttps”. Read our blog to learn more.
FortiGuard Labs encountered an unreported CMS scanner and brute forcer written in the Go programming language. Read our analysis of the malware and how this active botnet scans and compromises websites.
FortiGuardLabs examines a botnet known as Zerobot written in the Go language targeting IoT vulnerabilities. Read our blog to learn about how it evolves, including self-replication, attacks for different protocols, and self-propagation as well as its behavior once inside an infected device.
Cyble Global Sensor Intelligence detects exploitation attempts of CVE-2022-40684, and CRIL observes Fortinet Access distribution in cybercrime forums.
The latest FortiGuard Labs Threat Signal Ransomware Roundup covers the Cryptonite ransomware, along with protection recommendations. Read more.
