Collaborate Disseminate
Horizon3’s Attack Team has released a PoC exploit for CVE-2022-39952, a critical vulnerability affecting FortiNAC, Fortinet’s network access control solution. “Similar to the weaponization of previous archive vulnerability issues that allow arbit… Continue reading PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952)
Fortinet has dropped fixes for 40 vulnerabilities in a variety of its products, including two critical vulnerabilities (CVE-2022-39952, CVE-2021-42756) affecting its FortiNAC and FortiWeb solutions. Since cyberattackers love to exploit vulnerabilities … Continue reading Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)
Fortinet has released FortiSP5, the latest breakthrough in ASIC technology from Fortinet to propel major leaps forward in securing distributed network edges. Building on over 20 years of ASIC investment and innovation from Fortinet, FortiSP5 delivers s… Continue reading Fortinet launches FortiSP5 to secure distributed network edges
ESET researchers have discovered yet another wiper malware used to target Ukrainian organizations. Dubbed SwiftSlicer, it is thought to be wielded by the Sandworm APT. Simultaneously, the Ukranian CERT has confirmed that the attackers who recently aime… Continue reading A glut of wiper malware hits Ukrainian targets
Geopolitical instability is exacerbating the risk of catastrophic cyberattacks, according to the Global Cybersecurity Outlook 2023 report from the World Economic Forum. The great threat Over 93% of cybersecurity experts and 86% of business leaders beli… Continue reading Global instability increases cyber risk, says World Economic Forum
Corporate security is near the top of the list of CIO concerns for 2023 — but a security skills shortfall is also a problem. What can companies do to bring up the slack?
The post The security skills shortage is here, here’s how to prepare appeared firs… Continue reading The security skills shortage is here, here’s how to prepare
A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. “Fortinet is aware of an instance where this vulnerability was exploited in the wild,&… Continue reading Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)
Here’s a look at the most interesting products from the past week, featuring releases from Adaptive Shield, Datadog, Delinea, Fortinet, LogicGate, Shoreline, and Trend Micro. Delinea unveils granular privilege elevation workflow for on-premise and clou… Continue reading New infosec products of the week: December 2, 2022
Fortinet launches FortiGate Cloud-Native Firewall (FortiGate CNF) on Amazon Web Services (AWS), an enterprise-grade, managed next-generation firewall service specifically designed for AWS environments. FortiGate CNF incorporates FortiGuard artificial i… Continue reading Fortinet simplifies network security operations on AWS with FortiGate CNF
By Waqas
The flaw is tracked as CVE-2022-40684 in FortiOS, while its exploit is being sold on a popular Russian hacker forum.
This is a post from HackRead.com Read the original post: Critical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs
Continue reading Critical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs