Tag: Fortinet

  • Cloud Blog: How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/time-to-exploit-trends-2023/ Source: Cloud Blog Title: How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends Feedly Summary: Written by: Casey Charrier, Robert Weiner Mandiant analyzed 138 vulnerabilities that were disclosed in 2023 and that we tracked as exploited in the wild. Consistent with past analyses, the majority (97) of these vulnerabilities were…

  • The Register: Thousands of Fortinet instances vulnerable to actively exploited flaw

    Source URL: https://www.theregister.com/2024/10/14/fortinet_vulnerability/ Source: The Register Title: Thousands of Fortinet instances vulnerable to actively exploited flaw Feedly Summary: No excuses for not patching this nine-month-old issue More than 86,000 Fortinet instances remain vulnerable to the critical flaw that attackers started exploiting last week, according to Shadowserver’s data.… AI Summary and Description: Yes Summary: The text…

  • The Register: CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame

    Source URL: https://www.theregister.com/2024/10/10/cisa_ivanti_fortinet_vulns/ Source: The Register Title: CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame Feedly Summary: Usual three-week window to address significant risks to federal agencies applies The US Cybersecurity and Infrastructure Security Agency (CISA) says vulnerabilities in Fortinet and Ivanti products are now being exploited, earning them places in…

  • Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog

    Source URL: https://www.cisa.gov/news-events/alerts/2024/10/09/cisa-adds-three-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23113 Fortinet Multiple Products Format String Vulnerability CVE-2024-9379 Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability CVE-2024-9380 Ivanti Cloud Services Appliance (CSA) OS Command Injection…

  • Slashdot: Fortinet Confirms Data Breach After Hacker Claims To Steal 440GB of Files

    Source URL: https://it.slashdot.org/story/24/09/13/1539247/fortinet-confirms-data-breach-after-hacker-claims-to-steal-440gb-of-files?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Fortinet Confirms Data Breach After Hacker Claims To Steal 440GB of Files Feedly Summary: AI Summary and Description: Yes Summary: The text reports on a significant data breach impacting cybersecurity firm Fortinet, wherein a considerable amount of data was stolen from its Microsoft Sharepoint server. This incident highlights vulnerabilities…

  • The Register: Fortinet admits miscreant got hold of customer data in the cloud

    Source URL: https://www.theregister.com/2024/09/13/fortinet_data_loss/ Source: The Register Title: Fortinet admits miscreant got hold of customer data in the cloud Feedly Summary: That would explain this 440GB leak, then Fortinet has admitted that bad actors accessed cloud-hosted data about its customers, but insisted it was a “limited number" of files. The question is: how limited is "limited"?……