Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network

February 7, 2024 at 04:02AM Chinese state-backed hackers targeted the Dutch armed forces’ computer network using a known critical security flaw in Fortinet FortiGate devices, resulting in the deployment of COATHANGER malware for persistent remote access. The Dutch Military Intelligence and Security Service confirmed the breach, marking the first public attribution of a cyber espionage …

Twin Max-Severity Bugs Open Fortinet’s SIEM to Code Execution

February 6, 2024 at 03:09PM Two critical command injection vulnerabilities (CVE-2024-23108 and CVE-2024-23109) in Fortinet’s FortiSIEM product have provisional CVSS scores of 10. These flaws impact multiple versions of FortiSIEM, potentially allowing threat actors to execute unauthorized code. The link provided by Fortinet leads to a write-up on a prior vulnerability, hinting at a potential …

Double trouble for Fortinet customers as pair of critical vulns found in FortiSIEM

February 6, 2024 at 08:37AM Fortinet’s FortiSIEM product is affected by two critical security vulnerabilities (CVE-2024-23108 and CVE-2024-23109) with a severity score of 10 on the CVSS scale. These flaws allow for remote code execution by unauthenticated attackers. Currently, the affected versions are specified, and Fortinet has recommended upgrading to version 7.1.2 to address the …

Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

January 20, 2024 at 06:45AM A China-linked cyber espionage group, UNC3886, exploited a zero-day vulnerability (CVE-2023-34048) in VMware vCenter Server, allowing privileged access and deployment of malware. These actions enable further exploitation of VMware flaws. VMware advises users to update to avoid potential threats. Additionally, UNC3886 utilized a Fortinet flaw (CVE-2022-41328) to implant malware, targeting …

In Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security Audit

November 17, 2023 at 11:15AM SecurityWeek’s weekly roundup highlights several cybersecurity stories. The world-renowned law firm Allen & Overy experienced a data breach by the LockBit ransomware group. The largest bank in China, Industrial and Commercial Bank of China, allegedly paid a ransom to the LockBit gang. Europol aided in the takedown of a vishing …

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog

November 17, 2023 at 01:06AM The U.S. CISA has added three security flaws to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. The vulnerabilities include a Microsoft Windows security bypass, a Sophos command injection, and an unspecified Oracle vulnerability. A critical command injection bug has also been disclosed in FortiSIEM report server. …

Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal

October 10, 2023 at 11:54AM A variant of the Mirai botnet, known as IZ1H9, has updated its tools with 13 new exploits targeting vulnerabilities in IoT devices from various manufacturers, including D-Link, TP-Link, Zyxel, and others. This variant is highly active in exploiting these vulnerabilities for distributed denial-of-service (DDoS) attacks. Fortinet observed thousands of attack …