In 2023, Fortinet became a member of JCDC, expanding our commitment to fortifying the cybersecurity of our nation. Fortinet celebrates the two years of progress with JCDC, continuing our commitment to bring together public and private organizations to gather, analyze, and share actionable insights to…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-20035 SonicWall SMA100 Appliances OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise….
To mark the organization’s fifth anniversary, MITRE’s Center for Threat-Informed Defense published its 2024 Impact Report, which details the organization’s 40 open-source research projects and how they benefit the cybersecurity community. This is a closer look at three of those initiatives, along with how they…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-31161 CrushFTP Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-53197 Linux Kernel Out-of-Bounds Access Vulnerability CVE-2024-53150 Linux Kernel Out-of-Bounds Read Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks…
Fortinet diligently balances our commitment to the security of our customers and our culture of responsible transparency and commits to sharing information with that goal in mind. While efforts by threat actors to exploit known vulnerabilities are not new, recent Fortinet investigations have discovered a…
FortiGuard Labs has recently discovered a series of malicious NPM packages designed to steal sensitive information from compromised systems. Learn more. Source link Author: Fortinet Article used for cyber security disclosure.
Fortinet is aware of a threat actor creating a malicious file from previously exploited Fortinet vulnerabilities (CVE-2024-21762, CVE-2023-27997, and CVE-2022-42475) within FortiGate products. This malicious file could enable read-only access to files on the device’s file system, which may include configurations. Fortinet has communicated directly…
