#FortiProxy

2025-05-14

#BSI WID-SEC-2025-1026: [NEW] [high] #Fortinet #FortiOS, #FortiProxy and #FortiSwitch: Vulnerability allows privilege escalation

A remote, anonymous attacker can exploit a vulnerability in Fortinet FortiOS, Fortinet FortiProxy and Fortinet FortiSwitch to escalate their privileges.

wid.cert-bund.de/portal/wid/se

🖱🛠👉👕👈 SOSOrdinet 🎣🖥️🐛 🗞️SOSOrdinet@social.targaryen.house
2025-04-17
2025-02-12

#BSI WID-SEC-2025-0321: [NEW] [medium] #Fortinet #FortiOS and #FortiProxy: Vulnerability allows code execution

A local attacker can exploit a vulnerability in Fortinet FortiOS and Fortinet FortiProxy to execute arbitrary program code.

wid.cert-bund.de/portal/wid/se

2024-07-10

#BSI WID-SEC-2024-1570: [NEW] [medium] #Fortinet #FortiOS and #FortiProxy: Multiple vulnerabilities

A remote, anonymous attacker, or an attacker from an adjacent network, can exploit multiple vulnerabilities in Fortinet FortiOS and Fortinet FortiProxy to carry out a cross-site scripting attack and to bypass security measures.

wid.cert-bund.de/portal/wid/se

2024-04-10

Fortinet has revealed vulnerabilities in its FortiOS, FortiProxy, FortiClient Linux, and FortiClient Mac products, including a critical one that could allow remote code execution. This critical flaw, identified as CVE-2023-45590, has a high severity score and could enable an attacker to execute arbitrary code by tricking a user into visiting a malicious website. Other high-severity issues affect FortiOS and FortiProxy, where credentials are not adequately protected. A specific flaw (CVE-2023-41677) might allow an attacker to steal the administrator cookie under certain conditions. Additionally, FortiClientMac has vulnerabilities due to a lack of configuration file validation. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning about the potential for cyber threat actors to exploit these vulnerabilities.

fortiguard.com/psirt/FG-IR-23-

fortiguard.com/psirt/FG-IR-23-

fortiguard.com/psirt/FG-IR-23-

#cybersecurity #fortinet #fortios #fortiproxy #forticlient #linux #mac #vulnerability #cve #cisa

2024-04-09

Happy Patch Tuesday from your friends at Fortinet. 13 security advisories, 15 vulnerabilities. No mention of exploitation in the wild:

  • FG-IR-23-087 CVE-2023-45590 (9.6 critical) [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration
  • FG-IR-23-345 CVE-2023-45588 and CVE-2024-31492 (8.2 high) FortiClientMac - Lack of configuration file validation
  • FG-IR-23-419 CVE-2023-47542 (6.7 medium) FortiManager - Code Injection via Jinja Template
  • FG-IR-23-288 CVE-2023-48785 (4.8 medium) FortiNAC-F - Lack of certificate validation
  • FG-IR-23-413 CVE-2023-48784 (6.7 medium) FortiOS - Format String in CLI command
  • FG-IR-23-224 CVE-2024-23662 (5.3 medium) FortiOS - Web server ETag exposure
  • FG-IR-23-493 CVE-2023-41677 (7.5 high) FortiOS & FortiProxy - administrator cookie leakage
  • FG-IR-23-454 CVE-2024-23671 (8.1 high) FortiSandbox - Arbitrary file delete on endpoint
  • FG-IR-24-060 CVE-2024-31487 (5.9 medium) FortiSandbox - Arbitrary file read on endpoint
  • FG-IR-23-416 CVE-2023-47541 (6.7 medium) FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution
  • FG-IR-23-411 CVE-2023-47540 (6.7 medium) FortiSandbox - Command injection impacting CLI command
  • FG-IR-23-489 CVE-2024-21755 and CVE-2024-21756 (8.8 high) FortiSandbox - OS command injection on endpoint
  • FG-IR-24-009 CVE-2024-26014 (5.3 medium) SMTP Smuggling (analyst note: third party vulnerability)

#PatchTuesday #Fortinet #FortiManager #vulnerability #FortiSandbox #FortiOS #FortiProxy

2024-03-18

The critical #vulnerability CVE-2024-21762 in #Fortinet #FortiOS / #FortiProxy is being actively exploited.
For several weeks, CERT-Bund has been reporting the IP addresses of vulnerable devices in Germany to the responsible network operators/providers on a daily basis.
Currently there are still approx. 2,200 IPs.
twitter.com/Shadowserver/statu

Josef 'Corgi' Smidrkalsmidra@infosec.exchange
2023-07-13

New critical vulnerabilities in SonicWall and FortiOS/FortiProxy disclosed.

SonicWall: CVE-2023-34124, CVE-2023-34133, CVE-2023-34134, CVE-2023-34137

Fortinet: CVE-2023-33308

ref: thehackernews.com/2023/07/new-

#vulnerability #fortios #fortiproxy #fortinet #sonicwall

Mustafa Kaan Demirhanmstfknn
2023-05-07

🚨 Fortinet patches high-severity vulnerabilities in , & (CVE-2023-27999 & CVE-2023-22640). Update your software for enhanced security! ⚠️

Details: securityaffairs.com/145825/sec

Opalsec :verified:Opalsec@infosec.exchange
2023-03-13

Happy Monday folks, I hope you had a restful weekend and managed to take a breather from all things cyber! Time to get back into it though, so let me give you a hand - catch up on the week’s infosec news with the latest issue of our newsletter:

opalsec.substack.com/p/soc-gou

#Emotet are back and are using…OneNote lures? ISO disk images? Malvertising? Nah – they’re sticking with their tried and true TTPs – their Red Dawn maldoc template from last year; macro-enabled documents as lures, and null-byte padding to evade automated scanners.

We’ve highlighted a report on the Xenomorph #Android Banking Trojan, which added support for targeting accounts of over 400 banks; automated bypassing of MFA-protected app logins, and a Session Token stealer module. With capabilities like these becoming the norm, is it time to take a closer look at the threat Mobile Malware could pose to enterprise networks?

North Korean hackers have demonstrated yet again that they’re tracking and integrating the latest techniques, and investing in malware development. A recent campaign saw eight new pieces of malware distributed throughout the kill chain, leveraging #Microsoft #InTune to deliver payloads and an in-memory dropper to abuse the #BYOVD technique and evade EDR solutions.

A joint investigation by #Mandiant and #SonicWall has unearthed a two-year campaign by Chinese actors, enabled through exploitation of unpatched SMA100 appliances and delivery of tailored payloads. A critical vulnerability reported by #Fortinet this week helps reinforce the point that perimeter devices need to be patched with urgency, as it’s a well-documented target for Chinese-affiliated actors.

#HiatusRAT is a novel malware targeting #DrayTek routers, sniffing network traffic and proxying C2 traffic to forward-deployed implants. TTPs employed in recent #BatLoader and #Qakbot campaigns are also worth taking note of, as is #GoBruteforcer, a new malware family targeting specific web server applications to brute force logins and deploy an IRC bot for C2.

Those in Vulnerability Management should take particular note of the #Veeam vulnerability, which appears trivial to exploit and actually delivers plaintext credentials to the attacker. CISA have also taken note of nearly 40k exploit attempts of a 2 year old code-exec-as-root vulnerability in the #VMWare Cloud Foundation product in the last two months, so make sure you’re patched against it.

#Redteam members have some excellent reading to look forward to, looking at HTTP request smuggling to harvest AD credentials and persisting with a MitM Exchange server, as well as a detailed post that examines #CobaltStrike’s reflective loading capability;

The #blueteam has some great tradecraft tips from @inversecos on #Azure DFIR, as well as tools to help scan websites for malicious objects, and to combat the new #Stealc #infostealer and well-established Raccoon Stealer.

Catch all this and much more in this week's newsletter:

opalsec.substack.com/p/soc-gou

#infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #newsletter #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #mdm #dprk #FortiOS #FortiProxy

heise onlineheiseonline
2022-12-07

Fortinet closes security vulnerabilities in several products

Fortinet has released security updates for numerous products from its portfolio. Some of them close high-risk vulnerabilities.

heise.de/news/Fortinet-schlies

heise online (inoffiziell)heiseonline@squeet.me
2022-12-07
Fortinet has released security updates for numerous products from its portfolio. Some of them close high-risk vulnerabilities.
Fortinet closes security vulnerabilities in several products
heise online (inoffiziell)heiseonline@squeet.me
2021-12-09
Fortinet has come across a compromised system and recommends that administrators check for signs of intrusion. Updates are also available.
FortiOS and FortiProxy updates close security vulnerabilities, check recommended
