Fortinet Data Breach Impacts Customer Information

September 13, 2024 at 05:03AM Fortinet confirmed a data breach after a hacker leaked 440 Gb of data allegedly obtained from an Azure SharePoint instance. The hacker, named ‘Fortibitch,’ released information on accessing an AWS S3 bucket storing the data. However, Fortinet clarified that less than 0.3% of customer data was compromised, and no evidence …

Fortinet confirms data breach after hacker claims to steal 440GB of files

September 12, 2024 at 02:03PM Fortinet, a cybersecurity company, has confirmed a data breach after a threat actor claimed to have stolen 440GB of files from its Microsoft SharePoint server.

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics

August 16, 2024 at 08:21AM Chinese-speaking users are being targeted by an ongoing campaign distributing the multi-stage malware ValleyRAT, capable of remote control and executing various harmful actions on compromised workstations. The attackers utilize shellcode extensively and deploy arbitrary plugins. The malware’s distribution method remains unknown. The campaign emerges amid attempts to exploit an old …

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

July 10, 2024 at 10:33AM Veeam Backup & Replication software contains a patched security flaw being exploited by the ransomware group EstateRansomware. The threat actors used a dormant account to gain initial access, pivoting laterally through the SSL VPN service. They deployed a persistent backdoor to evade detection and carried out attacks, including disabling Windows …

In Other News: Fuxnet ICS Malware, Google User Tracking, CISA Employee Scams 

June 14, 2024 at 10:27AM SecurityWeek curates a weekly roundup of cybersecurity stories, focusing on diverse developments like Chinese cyberspies hacking Fortinet devices, a White House initiative to secure rural hospitals, vulnerabilities in biometric access systems, ICS malware Fuxnet, EU’s encryption backdoor push, and more. Microsoft will evaluate employees’ cybersecurity work for compensation. US federal …

China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally

June 12, 2024 at 05:15AM China-backed threat actors accessed 20,000 Fortinet FortiGate systems globally by exploiting a critical vulnerability, with the operation impacting Western governments, international organizations, and defense companies. The attackers deployed a backdoor to maintain remote access and spread malware, highlighting the increasing trend of targeting edge devices for cyber attacks. For more …

Chinese hackers breached 20,000 FortiGate systems worldwide

June 11, 2024 at 12:28PM Dutch Military Intelligence and Security Service (MIVD) warned of the significant impact of a Chinese cyber-espionage campaign. Exploiting a critical vulnerability in FortiOS/FortiProxy, Chinese hackers infected 14,000 devices, targeting governments, organizations, and defense industry. They deployed a remote access trojan malware, giving them permanent access to systems and breaching at …

Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine

June 4, 2024 at 08:13AM A sophisticated cyber attack targeting endpoints in Ukraine aims to deploy Cobalt Strike and establish control over compromised hosts. The attack involves a multi-stage malware strategy using a Microsoft Excel file with an embedded VBA macro. The attack employs evasion techniques, location-based checks, and manipulation of DLL files for persistence …

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

May 29, 2024 at 02:10PM A critical vulnerability in Fortinet’s FortiSIEM product, CVE-2024-23108, poses a significant risk for potential exploitation. Dubbed “NodeZero” by researchers at Horizon3.ai, the exploit enables unauthorized remote code execution on vulnerable appliances. Users of affected versions should patch immediately to mitigate the risk and prevent compromise.

Exploit released for maximum severity Fortinet RCE bug, patch now

May 28, 2024 at 12:25PM Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet’s FortiSIEM solution, impacting versions 6.4.0 and higher. Tracked as CVE-2024-23108, the flaw enables remote command execution as root without authentication. This PoC exploit could allow attackers to execute unauthorized commands and must be addressed promptly to …