Fortinet has released security updates for various products, including OS and FortiProxy, to fix vulnerabilities that could allow a cyber threat actor to take control of a system.
CISA encourages users and administrators to take the following steps for enhanced security:
Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
SoftBank has disclosed that personal information of more than 137,000 mobile subscribers—covering names, addresses, and phone numbers—might have been leaked...
An external control of file name or path vulnerability [CWE-73] in FortiClientMac’s installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process.
An Improper Control of Generation of Code (‘Code Injection’) vulnerability [CWE-94] in FortiClientLinux may allow
an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website.