Impersonation scams are on the rise and often use the names and titles of government employees. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of recent impersonation scammers claiming to represent the agency. As a reminder, CISA staff will never contact you with a…
Rilevata una vulnerabilità di sicurezza con gravità “alta” in SolarWinds Serv-U, piattaforma software utilizzata per il monitoraggio e la gestione centralizzata in reti di grandi dimensioni. Tale vulnerabilità, qualora sfruttata, potrebbe permettere a un utente malintenzionato la lettura di file arbitrari sui dispositivi target. Source…
FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. Learn more. Source link Author: Fortinet Article used for cyber security disclosure.
Rilevate nuove vulnerabilità in alcuni prodotti Fortinet, di cui una con gravità “alta”, in FortiOS. Tale vulnerabilità, qualora sfruttata, potrebbe permettere ad un utente malintenzionato l’esecuzione di codice arbitrario sui dispositivi target tramite comandi CLI opportunamente predisposti. Source link Author: csirt@pec.acn.gov.it Article used for cyber…
Fortinet is committed to collaborating with esteemed cybersecurity authorities to advance critical industry discussions. One of those vital conversations occurred at our RSA Conference (RSAC) 2024 panel, “No More Secrets in Cybersecurity: Implementing ‘Radical Transparency.’” Source link Author: Fortinet Article used for cyber security disclosure.
A new phishing campaign was recently captured by our FortiGuard Labs that spreads a new Agent Tesla variant targeting Spanish-speaking people. Learn more. Source link Author: Fortinet Article used for cyber security disclosure.
Fortinet has released security updates to address a vulnerability in FortiOS. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following Fortinet Security Bulletin and apply the necessary updates: FG-IR-23-460: Multiple…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2017-3506 Oracle WebLogic Server OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise….
