Security News > 2023 > June > Week in review: Fortinet patches pre-auth RCE, Switzerland under cyberattack

Week in review: Fortinet patches pre-auth RCE, Switzerland under cyberattack
2023-06-18 08:00

Building a culture of security awareness in healthcare begins with leadershipIn this Help Net Security interview, Ken Briggs, General Counsel at Salucro, discusses how fostering a culture of security awareness has become paramount for healthcare organizations.

PoC exploit for exploited MOVEit vulnerability releasedAs more victim organizations of Cl0p gang's MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data.

Red teaming can be the ground truth for CISOs and execsThis year, against the backdrop of attacks on everyone from healthcare institutions and schools to financial services organizations, as well as the introduction of legislation across the UK and EU to move security up the agenda, cybersecurity has undoubtedly become more of a priority for boards.

Incorporating cloud security teams into the SOC enhances operational efficienciesSecurity leaders are recognizing that cloud and the way cloud security teams work today are becoming increasingly critical to business and IT operations, according to Trend Micro.

Lack of adequate investments hinders identity security effortsOrganizations are still grappling with identity-related incidents, with an alarming 90% reporting one in the last 12 months, a 6% increase from last year, according to The Identity Defined Security Alliance.

Enhancing security team capabilities in tough economic timesIn this Help Net Security video, Eoin Hinchy, CEO of Tines, discusses how organizations can maximize the potential of their security teams during an economic downturn.


News URL

https://www.helpnetsecurity.com/2023/06/18/week-in-review-fortinet-patches-pre-auth-rce-switzerland-under-cyberattack/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-06-02 CVE-2023-34362 SQL Injection vulnerability in Progress Moveit Cloud and Moveit Transfer
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database.
network
low complexity
progress CWE-89
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 77 15 314 277 81 687