Fortinet VPN design flaw hides successful brute-force attacks

November 21, 2024 at 09:39AM

A design flaw in Fortinet’s VPN logging mechanism allows successful credential verifications during brute-force attacks to go unlogged. Researchers from Pentera discovered that halting the login process post-authentication prevents successful attempts from being recorded, risking undetected breaches. Fortinet does not classify the issue as a vulnerability.

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

November 16, 2024 at 02:24AM

A threat actor named BrazenBamboo has exploited a zero-day vulnerability in Fortinet’s FortiClient for Windows to extract VPN credentials using a tool called DEEPDATA. Discovered by Volexity, this malware, used in cyber espionage, is part of a broader framework encompassing various communication platforms and data exfiltration capabilities.

Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost

November 14, 2024 at 05:30PM

A critical vulnerability (CVE-2024-47574) in Fortinet’s FortiClient VPN could allow unauthorized code execution and privilege escalation on Windows systems. Patched in version 7.4.1, it has a 7.8 CVSS rating. Another flaw (CVE-2024-50564) allows altering SYSTEM-level registry keys. Neither vulnerability was exploited in the wild.

Citrix, Cisco, Fortinet Zero-Days Among 2023’s Most Exploited Vulnerabilities

November 13, 2024 at 10:54AM

In 2023, many of the most frequently exploited vulnerabilities were initially zero-day vulnerabilities, as reported by government agencies. Notable companies affected included Citrix, Cisco, and Fortinet, highlighting ongoing security challenges organizations face in protecting their systems.

### Meeting Notes Takeaways:

1. **Top Exploits of 2023**: Most frequently exploited vulnerabilities this …

Citrix, Fortinet Patch High-Severity Vulnerabilities

November 13, 2024 at 07:21AM

Citrix and Fortinet have issued patches addressing multiple vulnerabilities, including high-severity issues in their NetScaler and FortiOS products.

**Meeting Takeaways:**

1. **Patch Releases**: Citrix and Fortinet have issued patches addressing multiple vulnerabilities.
2. **Severity of Vulnerabilities**: The patches include fixes for high-severity vulnerabilities specifically in NetScaler and FortiOS.
3. **Source …

Chinese Gamers Targeted in Winos4.0 Framework Scam

November 6, 2024 at 05:27PM

Researchers have identified Winos 4.0, a malicious framework spread through gaming utility tools. Rebuilt from Gh0st RAT, it enables complex attack campaigns targeting Chinese-speaking users via SEO and social media. The malware executes via a fake BMP file, emphasizing the need for users to download software only from trusted sources.

New Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps

November 6, 2024 at 09:40AM

Researchers alert that the Winos 4.0 malware, linked to gaming apps, allows extensive control over compromised systems. Originating from Gh0st RAT, it targets Chinese-speaking users through deceptive tactics. The malware executes a multi-stage infection process, harvesting sensitive data and facilitating backdoor access for further exploitation.

Critical Bug Exploited in Fortinet’s Management Console

October 24, 2024 at 04:25PM

A critical vulnerability (CVE-2024-47575) in Fortinet’s FortiManager has been exploited by threat actor UNC5820, compromising over 50 devices. This flaw allows unauthorized access and manipulation, raising security concerns. Though sensitive information was extracted, no follow-up attacks have been reported. Immediate forensic investigations and remediation efforts are advised.

Mandiant says new Fortinet flaw has been exploited since June

October 24, 2024 at 10:04AM

A vulnerability in Fortinet’s FortiManager, tracked as CVE-2024-47575, has been exploited since June 2024, allowing unauthorized access to servers. Mandiant identified the threat actor UNC5820, who stole sensitive configuration data. Fortinet has released patches and mitigation strategies to protect against further exploitation.

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation

October 24, 2024 at 04:06AM

Fortinet has identified a critical vulnerability (CVE-2024-47575) in FortiManager, affecting multiple versions and potentially exploited by remote attackers. The flaw allows unauthorized code execution. Fortinet recommends workarounds and has included the issue in the U.S. CISA’s Known Exploited Vulnerabilities catalog, requiring federal agencies to act by November 13, 2024.