Recherche : [fortinet]

New Rust Botnet "RustoBot" is Routed via Routers https://www.fortinet.com/blog/threat-research/new-rust-botnet-rustobot-is-routed-via-routers

23/04/2025 08:30:04

FortiGuard Labs recently discovered a new botnet propagating through TOTOLINK devices. Learn more about this malware targeting these devices.

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/

20/04/2025 12:44:39

A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls.

Analysis of Threat Actor Activity https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity

13/04/2025 12:50:41

Fortinet diligently balances our commitment to the security of our customers and our culture of responsible transparency and commits to sharing information with that goal in mind. While efforts by threat actors to exploit known vulnerabilities are not new, recent Fortinet investigations have discovered a post exploitation technique used by a threat actor. This blog offers analysis of that finding to help our customers make informed decisions.

New Ransomware Operator Exploits Fortinet Vulnerability Duo https://www.forescout.com/blog/new-ransomware-operator-exploits-fortinet-vulnerability-duo/

14/03/2025 17:19:23

Between late January and early March, Forescout Research – Vedere Labs identified a series of intrusions based on two Fortinet vulnerabilities. It began with the exploitation of Fortigate firewall appliances — culminating in the deployment of a newly discovered ransomware strain we have dubbed SuperBlack.

Fortinet discloses second firewall auth bypass patched in January https://www.bleepingcomputer.com/news/security/fortinet-discloses-second-firewall-auth-bypass-patched-in-january/

12/02/2025 08:42:05

Fortinet has disclosed a second authentication bypass vulnerability that was fixed as part of a January 2025 update for FortiOS and FortiProxy devices.

Analysis of Threat Actor Data Postin https://www.https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-data-posting.com/blog/psirt-blogs/analysis-of-threat-actor-data-posting

17/01/2025 11:42:17

This blog analysis regarding a recent threat actor posting, which claims to offer compromised configuration and VPN credentials from FortiGate devices, provides factual information to help our customers better understand the situation and make informed decisions.

Botnets Continue to Target Aging D-Link Vulnerabilities https://www.fortinet.com/blog/threat-research/botnets-continue-to-target-aging-d-link-vulnerabilities

27/12/2024 11:35:17

FortiGuard Labs recently noticed that attackers still use and deliver two different botnets via D-Link exposing a HNAP interface weakness. Learn more.

FortiClient VPN Logging Blind Spot Revealed https://pentera.io/blog/FortiClient-VPN_logging-blind-spot-revealed/

21/11/2024 16:01:38

Security research that presents a method to automatically validate credentials against Fortinet VPN servers by uncovering an exploit that attackers can use to compromise countless organizations.

Threat Campaign Spreads Winos4.0 Through Game Application https://www.fortinet.com/blog/threat-research/threat-campaign-spreads-winos4-through-game-application

11/11/2024 09:10:49

FortiGuard Labs reveals a threat actor spreads Winos4.0, infiltrating gaming apps and targeting the education sector. Learn more.

New Campaign Uses Remcos RAT to Exploit Victims https://www.fortinet.com/blog/threat-research/new-campaign-uses-remcos-rat-to-exploit-victims

08/11/2024 17:16:39

See how threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious acts.

Fortinet FortiManager CVE-2024-47575 Exploited in Zero-Day Attacks https://www.rapid7.com/blog/post/2024/10/23/etr-fortinet-fortimanager-cve-2024-47575-exploited-in-zero-day-attacks/

23/10/2024 18:45:31

On Wednesday, October 23, 2024, security company Fortinet published an advisory on CVE-2024-47575, a critical zero-day vulnerability affecting their FortiManager network management solution. The vulnerability arises from a missing authentication for a critical function [CWE-306] in the FortiManager fgfmd daemon that allows a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. The vulnerability carries a CVSS v3 score of 9.8.

Fortinet releases patches for undisclosed critical FortiManager vulnerability - Help Net Security https://www.helpnetsecurity.com/2024/10/21/fortimanager-critical-vulnerability/

22/10/2024 15:45:17

Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited.

Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa

21/10/2024 21:14:10

A case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). This incident is a prime example of how threat actors chain zero-day vulnerabilities to gain initial access to a victim’s network. Learn more.

Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024 https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/

14/10/2024 21:25:41

It affected (before patching) all currently-maintained branches, and recently was highlighted by CISA as being exploited-in-the-wild.

This must be the first time real-world attackers have reversed a patch, and reproduced a vulnerability, before some dastardly researchers released a detection artefact generator tool of their own. /s

At watchTowr's core, we're all about identifying and validating ways into organisations - sometimes through vulnerabilities in network border appliances - without requiring such luxuries as credentials or asset lists.

Fortinet suffers third-party data breach affecting Asia-Pacific customers - Cyber Daily https://www.cyberdaily.au/security/11098-fortinet-suffers-third-party-data-breach-affecting-asia-pacific-customers

12/09/2024 16:13:59

International cyber security giant Fortinet has disclosed that it has suffered a data breach.

Exploiting CVE-2024-21412: A Stealer Campaign Unleashed https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

24/07/2024 20:44:05

FortiGuard Labs has observed a stealer campaign spreading multiple files that exploit CVE-2024-21412 to download malicious executable files. Read more.

Multiple flaws in Fortinet FortiOS fixed https://securityaffairs.com/164494/security/fortios-high-severity-code-execution-flaws.html?amp

14/06/2024 08:13:37

Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue.

Menace Unleashed: Excel File Deploys Cobalt Strike at Ukraine | Fortinet Blog https://www.fortinet.com/blog/threat-research/menace-unleashed-excel-file-deploys-cobalt-strike-at-ukraine

09/06/2024 16:31:33

FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. Learn more.

New “Goldoon” Botnet Targeting D-Link Devices https://www.fortinet.com/blog/threat-research/new-goldoon-botnet-targeting-d-link-devices

03/05/2024 08:38:05

FortiGuard Labs discovered the new botnet “Goldoon” targeting D-Link devices through related vulnerability CVE-2015-2051.

Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability https://thehackernews.com/2024/04/fortinet-has-released-patches-to.html?m=1

11/04/2024 09:41:13

If you use FortiClientLinux, update immediately. Critical vulnerability could let attackers run code on your system. Patch now, get the details here.

Liens par page

Filtres