New Fortinet VPN RCE Flaw Discovered, Patch ASAP

Critical vulnerability in Fortinet's SSL VPN poses a severe threat, enabling remote code execution by attackers.

Fortinet has issued a warning about a recently discovered critical vulnerability in its FortiOS SSL VPN system that could be actively exploited by attackers. The vulnerability in Fortinet network security solutions poses a significant threat to organizations. It allows unauthenticated attackers to gain remote code execution (RCE) capabilities through maliciously crafted requests. Fortinet VPN RCE… Continue reading New Fortinet VPN RCE Flaw Discovered, Patch ASAP

Fortinet Fixes RCE Flaws in FortiOS and FortiProxy

Specifically-made packages allow hackers to execute arbitrary code without authentication

Fortinet, a well-known vendor of corporate-grade security solutions, issued an urgent patch that fixes critical vulnerabilities in two products. FortiOS and FortiProxy SSL-VPN were reportedly vulnerable to remote code execution vulnerabilities – it is common to see them graded with CVSS 8-9/10. What is Fortinet and its products? Fortinet is a developer of a very… Continue reading Fortinet Fixes RCE Flaws in FortiOS and FortiProxy

Top 3 Vulnerabilities of 2023: How to Block and Prevent

Through the last 5 years, more and more attacks are done with the use of vulnerabilities

Any successful cyber attack begins with penetrating the target network. Cybercriminals must overcome network defenses, whether it’s a stealer, ransomware, or other malware. According to an expert report, in 2022, 50% of successful infiltrations were performed using previously known vulnerabilities. Top Vulnerabilities 2023 According to the cybersecurity report in 2023, the previously known vulnerabilities reported… Continue reading Top 3 Vulnerabilities of 2023: How to Block and Prevent

GoTrim Malware Hacks WordPress Sites

Fortinet specialists have discovered a new GoTrim malware written in Go that scans the Internet for WordPress sites and brute-forces them by guessing the administrator password. Such attacks can lead to the deployment of malware, the introduction of scripts on websites to steal bank cards, the placement of phishing pages, and other attack scenarios that… Continue reading GoTrim Malware Hacks WordPress Sites

Open-Source Cryptor Cryptonite Became a Wiper due to a Bug

Fortinet researchers studied the recently appeared open-source cryptor Cryptonite, distributed for free on GitHub. It turned out that the creator of the malware made a mistake in the code, and the malware did not encrypt, but destroyed the data of the victims. Let me remind you that we also wrote about FBI Says Cuba Ransomware… Continue reading Open-Source Cryptor Cryptonite Became a Wiper due to a Bug

Mirai Botnet RapperBot Conducts DDoS Attacks on Game Servers

The researchers warned that the RapperBot Mirai botnet has resumed activity, and now the updated malware is used for DDoS attacks on game servers, although the exact goals of the botnet are unknown. Let me remind you that we also wrote that Google revealed the most powerful DDoS attack in history, and also that MooBot… Continue reading Mirai Botnet RapperBot Conducts DDoS Attacks on Game Servers