Recent reports reveal that state-sponsored hackers, associated with China, successfully compromised 20,000 Fortinet FortiGate systems globally by exploiting a critical vulnerability between 2022 and 2023. This breach appears to have far-reaching implications that were previously underestimated. The Dutch National Cyber Security Centre (NCSC) disclosed that the attackers had prior knowledge…
Microsoft Addresses 51 Vulnerabilities in June Patch Tuesday Update In its latest Patch Tuesday update for June 2024, Microsoft has rolled out security updates to address 51 vulnerabilities across its products. Among these, one vulnerability has been classified as Critical, while the remaining 50 are deemed Important. This release also…
Chinese Cyber Espionage Group Exploits Vulnerabilities in Major Tech Platforms A sophisticated cyber espionage campaign linked to the Chinese threat actor UN3886 has been identified, involving the exploitation of zero-day vulnerabilities within widely used technologies such as Fortinet, Ivanti, and VMware systems. Recent findings highlight that the attackers have been…
In a troubling development for cybersecurity, Fortinet, in collaboration with Mandiant, has uncovered a widespread exploitation of FortiManager devices linked to CVE-2024-47575. This vulnerability has compromised over 50 systems across various sectors, with the threat group known as UNC5820 leveraging the flaw to facilitate data theft and unauthorized access. The…
Fortinet, a prominent provider of network security solutions, has recently come under scrutiny for concealing a significant vulnerability that has reportedly been exploited by attackers to execute unauthorized code on servers belonging to sensitive organizations. This silence persisted for over a week, raising concerns among users and cybersecurity experts alike…
The U.S. government announced on Wednesday that it has taken significant action to disrupt a botnet composed of hundreds of small office and home office (SOHO) routers based in the United States. This botnet, referred to as the KV-botnet, is linked to Volt Typhoon, a state-sponsored threat actor associated with…
Microsoft has announced the release of security patches addressing a staggering 143 vulnerabilities as part of its latest monthly updates. Among these issues, two have been confirmed to be actively exploited, heightening concerns for organizations relying on Microsoft software. The updates, which categorize five vulnerabilities as Critical, 136 as Important,…
Artificial Intelligence (AI) is transforming society in numerous beneficial ways, yet it has also become a tool exploited by cybercriminals to perpetrate nefarious activities. Threat actors, both seasoned and novice, leverage AI to enhance their data-gathering capabilities and to generate convincing phishing communications, thereby streamlining their malicious endeavors. As a…
Palo Alto Networks has issued an urgent warning regarding a critical vulnerability affecting its PAN-OS software utilized in GlobalProtect gateways, noting that this flaw is currently being actively exploited in the wild. Designated as CVE-2024-3400, this vulnerability carries a maximum CVSS score of 10.0, underscoring its potential severity and urgency…
