Fortinet Acquires Perception Point Reportedly for $100 Million

December 12, 2024 at 10:10AM Fortinet announced the acquisition of Israeli security company Perception Point for approximately $100 million. Perception Point enhances Fortinet’s security offerings with advanced threat detection and cloud-native solutions for email and collaboration platforms. This marks Fortinet’s third acquisition in 2024, following Next DLP and Lacework. **Meeting Notes Takeaways:** 1. **Acquisition Announcement**: … Read more

Fortinet VPN design flaw hides successful brute-force attacks

November 21, 2024 at 09:39AM A design flaw in Fortinet’s VPN logging mechanism allows successful credential verifications during brute-force attacks to go unlogged. Researchers from Pentera discovered that halting the login process post-authentication prevents successful attempts from being recorded, risking undetected breaches. Fortinet does not classify the issue as a vulnerability. ### Meeting Takeaways: 1. … Read more

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

November 16, 2024 at 02:24AM A threat actor named BrazenBamboo has exploited a zero-day vulnerability in Fortinet’s FortiClient for Windows to extract VPN credentials using a tool called DEEPDATA. Discovered by Volexity, this malware, used in cyber espionage, is part of a broader framework encompassing various communication platforms and data exfiltration capabilities. ### Meeting Takeaways … Read more

Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost

November 14, 2024 at 05:30PM A critical vulnerability (CVE-2024-47574) in Fortinet’s FortiClient VPN could allow unauthorized code execution and privilege escalation on Windows systems. Patched in version 7.4.1, it has a 7.8 CVSS rating. Another flaw (CVE-2024-50564) allows altering SYSTEM-level registry keys. Both vulnerabilities were not exploited in the wild. **Meeting Takeaways:** 1. **High-Severity Vulnerability … Read more

Citrix, Cisco, Fortinet Zero-Days Among 2023s Most Exploited Vulnerabilities

November 13, 2024 at 10:54AM In 2023, many of the most frequently exploited vulnerabilities were initially zero-day vulnerabilities, as reported by government agencies. Notable companies affected included Citrix, Cisco, and Fortinet, highlighting ongoing security challenges organizations face in protecting their systems. ### Meeting Notes Takeaways: 1. **Top Exploits of 2023**: Most frequently exploited vulnerabilities this … Read more

Citrix, Fortinet Patch High-Severity Vulnerabilities

November 13, 2024 at 07:21AM Citrix and Fortinet have issued patches addressing multiple vulnerabilities, including high-severity issues in their NetScaler and FortiOS products. **Meeting Takeaways:** 1. **Patch Releases**: Citrix and Fortinet have issued patches addressing multiple vulnerabilities. 2. **Severity of Vulnerabilities**: The patches include fixes for high-severity vulnerabilities specifically in NetScaler and FortiOS. 3. **Source … Read more

Chinese Gamers Targeted in Winos4.0 Framework Scam

November 6, 2024 at 05:27PM Researchers have identified Winos 4.0, a malicious framework spread through gaming utility tools. Rebuilt from Gh0strat, it enables complex attack campaigns targeting Chinese-speaking users via SEO and social media. The malware executes via a fake BMP file, emphasizing the need for users to download software only from trusted sources. ### … Read more

New Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps

November 6, 2024 at 09:40AM Researchers alert that the Winos 4.0 malware, linked to gaming apps, allows extensive control over compromised systems. Originating from Gh0st RAT, it targets Chinese-speaking users through deceptive tactics. The malware executes a multi-stage infection process, harvesting sensitive data and facilitating backdoor access for further exploitation. **Meeting Takeaways: Cybersecurity Update on … Read more

Critical Bug Exploited in Fortinet’s Management Console

October 24, 2024 at 04:25PM A critical vulnerability (CVE-2024-47575) in Fortinet’s FortiManager has been exploited by threat actor UNC5820, compromising over 50 devices. This flaw allows unauthorized access and manipulation, raising security concerns. Though sensitive information was extracted, no follow-up attacks have been reported. Immediate forensic investigations and remediation efforts are advised. ### Meeting Takeaways … Read more

Mandiant says new Fortinet flaw has been exploited since June

October 24, 2024 at 10:04AM A vulnerability in Fortinet’s FortiManager, tracked as CVE-2024-47575, has been exploited since June 2024, allowing unauthorized access to servers. Mandiant identified the threat actor UNC5820, who stole sensitive configuration data. Fortinet has released patches and mitigation strategies to protect against further exploitation. ### Meeting Takeaways on Fortinet FortiManager Vulnerability (CVE-2024-47575) … Read more