Tag: fortinet
-
Mandiant says new Fortinet flaw has been exploited since June
A new Fortinet FortiManager flaw dubbed FortiJump and tracked as CVE-2024-47575 has been exploited since June 2024 in zero-day attacks on over 50 serv… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mandiant-says-new-fortinet-fortimanager-flaw-has-been-exploited-since-june/
-
Hackers Probing Newly Disclosed Fortinet Zero-Day
Mandiant Says High-Severity Flaw Could Give Attackers Remote Unauthenticated Access. Researchers at Mandiant say a new threat cluster, first observed … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hackers-probing-newly-disclosed-fortinet-zero-day-a-26624
-
New Fortinet Zero-Day Exploited for Months Before Patch
A Fortinet zero-day tracked as CVE-2024-47575 and named FortiJump has been exploited since at least June 2024. The post New Fortinet Zero-Day Exploite… First seen on securityweek.com Jump to article: www.securityweek.com/new-fortinet-zero-day-exploited-for-months-before-patch-release/
-
Fortinet Confirms Zero-Day Exploit Targeting FortiManager Systems
Fortinet confirms zero-day exploits hitting critical (CVSS severity score 9.8/10) remote code execution bug in the FortiManager platform. The post For… First seen on securityweek.com Jump to article: www.securityweek.com/fortinet-confirms-zero-day-exploit-targeting-fortimanager-systems/
-
Hackers Probing Newly Disclosed Fortinet Zero Day
Mandiant Says High-Severity Flaw Could Give Attackers Remote Unauthenticated Access. Researchers at Mandiant say a new threat cluster first observed J… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hackers-probing-newly-disclosed-fortinet-zero-day-a-26624
-
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to stea… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fortinet-warns-of-new-critical-fortimanager-flaw-used-in-zero-day-attacks/
-
Fortinet Discloses Actively Exploited Zero-Day
U.S. Federal Government Gives Agencies Three Weeks to Patch or Mitigate. Fortinet disclosed an actively exploited vulnerability in its centralized man… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fortinet-discloses-actively-exploited-zero-day-a-26602
-
FortiOS, FortiPAM, FortiProxy und FortiWeb betroffen – CISA warnt vor kritischer Schwachstelle in mehreren Fortinet-Produkten
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-schwachstelle-fortinet-cyberangriffe-a-225bf38954cb11a6d87cbb6584b5ba94/
-
FortiJump: Yet Another Critical Fortinet 0-Day RCE
First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/fortinet-fortijump-0day-richixbw/
-
Fortinet releases patches for undisclosed critical FortiManager vulnerability
In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/21/fortimanager-critical-vulnerability/
-
Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 87,000+ Fortinet devices still open to attack, are y… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/20/week-in-review-87k-fortinet-devices-still-open-to-attack-red-teaming-tool-used-for-edr-evasion/
-
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known … First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/cisa-warns-of-critical-fortinet-flaw-as.html
-
Critical CVE in 4 Fortinet products actively exploited
CISA added the format string vulnerability to its known exploited vulnerabilities catalog last week, months after it was first disclosed by the compan… First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-cve-fortinet-exploited/729736/
-
Thousands Of Fortinet Instances Vulnerable To Actively Exploited Flaw
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36467/Thousands-Of-Fortinet-Instances-Vulnerable-To-Actively-Exploited-Flaw.html
-
Suspected Nation-State Adversary Exploits Ivanti CSA in a Series of Sophisticated Attacks
Fortinet’s FortiGuard Labs recently released a detailed analysis of a sophisticated cyberattack targeting the Ivanti Cloud Services Appliance (CSA). T… First seen on securityonline.info Jump to article: securityonline.info/suspected-nation-state-adversary-exploits-ivanti-csa-in-a-series-of-sophisticated-attacks/
-
U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog… First seen on securityaffairs.com Jump to article: securityaffairs.com/169804/hacking/u-s-cisa-adds-fortinet-products-and-ivanti-csa-bugs-known-exploited-vulnerabilities-catalog.html
-
Fortinet Edge Devices Under Attack – Again
Hackers May Have Reverse-Engineered February Patch. Hackers may have circumvented a months-old patch for Fortinet gateway devices leading to a warning… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fortinet-edge-devices-under-attack-again-a-26545
-
Fortinet Integrates Lacework CNAPP into Cybersecurity Portfolio
Fortinet has made generally available a version of the CNAPP it gained that is now integrated with the Fortinet Security Fabric, an orchestration fram… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/fortinet-integrates-lacework-cnapp-into-cybersecurity-portfolio/
-
Fortinet confirms data breach, extortion demand
Fortinet confirmed that a threat actor stole data from a third-party cloud-based shared file drive, which affected a small number of customers, but ma… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366610477/Fortinet-confirms-data-breach-extortion-demand
-
Impact of actively exploited Fortinet bug remains widespread
First seen on scworld.com Jump to article: www.scworld.com/brief/impact-of-actively-exploited-fortinet-bug-remains-widespread
-
Tens of thousands of IPs vulnerable to Fortinet flaw dubbed ‘must patch’ by feds
First seen on cyberscoop.com Jump to article: cyberscoop.com/ips-vulnerable-fortinet-flaw-must-patch/
-
Kritische Fortinet-Sicherheitslücke wird angegriffen
First seen on heise.de Jump to article: www.heise.de/news/Kritische-Fortinet-Sicherheitsluecke-wird-angegriffen-9976779.html
-
Nation-state actor exploited three Ivanti CSA zero-days
An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard … First seen on securityaffairs.com Jump to article: securityaffairs.com/169778/apt/ivanti-cloud-service-appliance-three-zero.html
-
Fortigate SSLVPN Vulnerability Exploited in the Wild
A critical vulnerability in Fortinet’s FortiGate SSLVPN appliances, CVE-2024-23113, has been actively exploited in the wild. This format string flaw v… First seen on gbhackers.com Jump to article: gbhackers.com/fortigate-sslvpn-vulnerability/
-
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
Last week, CISA added CVE-2024-23113 a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGat… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/15/cve-2024-23113/
-
CISA Adds Fresh Ivanti Vuln, Critical Fortinet Bug To Hall Of Shame
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36454/CISA-Adds-Fresh-Ivanti-Vuln-Critical-Fortinet-Bug-To-Hall-Of-Shame.html
-
Chinese State Hackers Main Suspect in Recent Ivanti CSA Zero-Day Attacks
Fortinet believes state-sponsored threat actors are behind the recent attacks involving exploitation of Ivanti CSA zero-days. The post Chinese State H… First seen on securityweek.com Jump to article: www.securityweek.com/ivanti-csa-zero-day-exploitation-attributed-to-state-sponsored-hackers/
-
CISA Warns of Fortinet Ivanti Vulnerabilities Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities Catalog, adding critical vulnerab… First seen on gbhackers.com Jump to article: gbhackers.com/cisa-added-fortinet-ivanti-vulnerabilities-that-exploited-in-the-wild/
-
U.S. CISA adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog. The U.S… First seen on securityaffairs.com Jump to article: securityaffairs.com/169619/security/u-s-cisa-adds-ivanti-csa-and-fortinet-bugs-to-its-known-exploited-vulnerabilities-catalog.html
-
CISA says critical Fortinet RCE flaw now exploited in attacks
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-says-critical-fortinet-rce-flaw-now-exploited-in-attacks/