Severe Microsoft Office Vulnerability Exploited to Deliver Cobalt Malware Recently uncovered, a critical 17-year-old vulnerability in Microsoft Office is being actively exploited by threat actors to deploy backdoor malware. This vulnerability, designated as CVE-2017-11882, allows hackers to install malicious software on targeted systems without requiring any user interaction, raising significant…
Cybersecurity Incident Roundup: Key Developments in Data Breaches and Cyber-attacks Recent weeks have seen significant cybersecurity incidents impacting various sectors, with agencies and organizations navigating the evolving landscape of cyber threats. Among the most pressing events, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings following a cyberattack…
In a recent advisory, Fortinet’s FortiGuard Labs revealed that threat actors are actively leveraging a five-year-old unpatched vulnerability affecting TBK digital video recorder (DVR) devices. This security flaw, identified as CVE-2018-9995, has a CVSS score of 9.8, categorizing it as critical. It allows remote attackers to potentially gain unauthorized access…
Government, Industry Specific, Network Firewalls, Network Access Control New Directive Mandates Replacement of Outdated Network Appliances Jennifer Lawinski • February 5, 2026 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive requiring federal agencies to replace potentially vulnerable network devices that have surpassed their vendor support end…
In May 2023, Microsoft released its Patch Tuesday updates, addressing 38 security vulnerabilities, including two major zero-day flaws that are currently being exploited. The updates aim to fortify Windows systems against active threats that pose significant risks to users and businesses. Trend Micro’s Zero Day Initiative has highlighted that this…
Fortinet Addresses Critical Vulnerability in FortiGate Firewalls Fortinet has issued critical patches to mitigate a serious security vulnerability impacting its FortiGate firewall products. This vulnerability, designated as CVE-2023-27997, allows threat actors to execute remote code under certain conditions, raising significant concerns for organizations using the affected systems. The flaw is…
Fortinet has recently revealed a critical vulnerability affecting its FortiOS and FortiProxy platforms, identified as CVE-2023-27997, with a high CVSS score of 9.2. This flaw involves a heap-based buffer overflow in the SSL-VPN feature of these systems and could be exploited by remote attackers to execute arbitrary code through crafted…
Microsoft has recently released critical security updates aimed at addressing significant vulnerabilities in its Windows operating system and associated software. This rollout is part of the scheduled Patch Tuesday updates for June 2023. The update addresses a total of 73 vulnerabilities, categorized by severity as follows: six are marked as…
A newly identified malware strain, known as Condi, is leveraging a vulnerability found in TP-Link Archer AX21 (AX1800) Wi-Fi routers to integrate these devices into a distributed denial-of-service (DDoS) botnet. This campaign, according to Fortinet’s FortiGuard Labs, has intensified since late May 2023, marking a significant escalation in cyber threats…
