Security News

More than 133,000 Fortinet appliances still vulnerable to month-old critical bug
2024-03-18 19:00

The volume of Fortinet boxes exposed to the public internet and vulnerable to a month-old critical security flaw in FortiOS is still extremely high, despite a gradual increase in patching. According to security nonprofit Shadowserver's latest data, the number of Fortinet appliances vulnerable to CVE-2024-21762 stands at more than 133,000 - down only slightly from more than 150,000 ten days prior.

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
2024-03-18 12:58

Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on...

WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw
2024-03-18 09:46

WordPress users of miniOrange's Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw. The...

Public anxiety mounts over critical infrastructure resilience to cyber attacks
2024-03-18 05:30

With temporary failures of critical infrastructure on the rise in the recent years, 81% of US residents are worried about how secure critical infrastructure may be, according to MITRE and The Harris Poll. Public views cyberattacks as greatest risk to critical infrastructure.

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)
2024-03-14 14:06

A recently fixed SQL injection vulnerability in Fortinet's FortiClient Endpoint Management Server solution has apparently piqued the interest of many: Horizon3's Attack Team means to publish technical details and a proof-of-concept exploit for it next week, and someone is attempting to sell a PoC for less than $300 via GitHub. "An improper neutralization of special elements used in an SQL Command vulnerability [CWE-89] in FortiClientEMS may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted requests," the company's product security incident response team pithily states in the associated advisory.

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)
2024-03-14 10:53

Arcserve has fixed critical security vulnerabilities in its Unified Data Protection solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC exploit script demonstrating the attack, as well as one for triggering a third flaw that can lead to denial of service.

Fortinet warns of critical RCE bug in endpoint management software
2024-03-13 18:48

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server software that can allow attackers to gain remote code execution on vulnerable servers. Last month, Fortinet disclosed a critical remote code execution bug in the FortiOS operating system and the FortiProxy secure web proxy, which the company tagged as "Potentially being exploited in the wild."

Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws
2024-03-13 05:38

Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to...

March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V
2024-03-12 19:55

On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but - welcome news! - none of them are currently publicly known or actively exploited. One of the two - CVE-2024-21338, an elevation of privilege vulnerability affecting the Windows Kernel - had been reported to Microsoft by Avast researchers, who later shared that it had been leveraged by North Korean hackers for months before the patch was released.

Critical Fortinet flaw may impact 150,000 exposed devices
2024-03-08 20:37

Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication. America's Cyber Defense Agency CISA confirmed last month that attackers are actively exploiting the flaw by adding it to its Known Exploited Vulnerabilities catalog.