Security News

Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack
2023-03-18 11:30

The zero-day exploitation of a now-patched medium-security flaw in the Fortinet FortiOS operating system has been linked to a suspected Chinese hacking group. Threat intelligence firm Mandiant, which made the attribution, said the activity cluster is part of a broader campaign designed to deploy backdoors onto Fortinet and VMware solutions and maintain persistent access to victim environments.

Here's how Chinese cyber spies exploited a critical Fortinet bug
2023-03-17 01:00

Suspected Chinese spies have exploited a critical Fortinet bug, and used custom networking malware to steal credentials and maintain network access, according to Mandiant security researchers. "Mandiant suspected the FortiGate and FortiManager devices were compromised due to the connections to VIRTUALPITA from the Fortinet management IP addresses," the researchers observed.

Fortinet zero-day attacks linked to suspected Chinese hackers
2023-03-16 19:13

A suspected Chinese hacking group has been linked to a series of attacks on government organizations exploiting a Fortinet zero-day vulnerability to deploy malware. The security flaw allowed threat actors to deploy malware payloads by executing unauthorized code or commands on unpatched FortiGate firewall devices, as Fortinet disclosed last week.

Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities
2023-03-14 06:01

Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet FortiOS software to result in data loss and OS and file corruption. The zero-day flaw in question is CVE-2022-41328, a medium security path traversal bug in FortiOS that could lead to arbitrary code execution.

Fortinet: New FortiOS bug used as zero-day to attack govt networks
2023-03-13 22:38

Unknown attackers used zero-day exploits to abuse a new FortiOS bug patched this month in attacks targeting government and large organizations that have led to OS and file corruption and data loss. The list of affected products includes FortiOS version 6.4.0 through 6.4.11, FortiOS version 7.0.0 through 7.0.9, FortiOS version 7.2.0 through 7.2.3, and all versions of FortiOS 6.0 and 6.2.

Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)
2023-03-09 11:11

Fortinet has patched 15 vulnerabilities in a variety of its products, including CVE-2023-25610, a critical flaw affecting devices running FortiOS and FortiProxy.Discovered by Fortinet infosec engineer Kai Ni, CVE-2023-25610 is a buffer underwrite vulnerability found in the FortiOS and FortiProxy administrative interface.

Fortinet warns of new critical unauthenticated RCE vulnerability
2023-03-08 19:25

Fortinet has disclosed a "Critical" vulnerability impacting FortiOS and FortiProxy, which allows an unauthenticated attacker to execute arbitrary code or perform denial of service on the GUI of vulnerable devices using specially crafted requests. FortiOS version 7.2.0 through 7.2.3.

Hackers now exploit critical Fortinet bug to backdoor servers
2023-02-22 19:06

Threat actors are targeting Internet-exposed Fortinet appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that can be abused for remote command execution. These attacks come one day after Horizon3 security researchers released proof-of-concept exploit code for the critical-severity flaw that will add a cron job to initiate a reverse shell on compromised systems as the root user.

Exploit released for critical Fortinet RCE flaw, patch now
2023-02-21 18:21

Security researchers have released a proof-of-concept exploit for a critical-severity vulnerability in Fortinet's FortiNAC network access control suite. Proof-of-concept exploit code is also available from the company's repository on GitHub.

Exploit released for critical Fortinet RCE flaws, patch now
2023-02-21 18:21

Security researchers have released a proof-of-concept exploit for a critical-severity vulnerability in Fortinet's FortiNAC network access control suite. Proof-of-concept exploit code is also available from the company's repository on GitHub.