Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 Pierluigi Paganini.

VPN 105

VPN Ransomware Antivirus Firmware 105

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. CVE-2018-1160 is an out-of-bounds write issue that resides in dsi_opensess.c.

Firmware 85

Firmware VPN Wireless Passwords 85

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 85

Firewall VPN Firmware Internet 85

Security Affairs

DECEMBER 22, 2022

the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access. . “Since the release of Zerobot 1.1,

IoT 121

IoT DDOS Malware Firmware 121

Security Affairs

APRIL 2, 2021

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) published a joint alert to warn of attacks carried out by APT groups targeting Fortinet FortiOS servers using multiple exploits. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. •

Passwords 69

Passwords Government Firmware Accountability 69

Krebs on Security

MAY 22, 2023

In September 2018, a user by the name “ ципа ” (phonetically “ Zipper ” in Russian) registered on the Russian hacking forum Lolzteam using the edgard0111012@gmail.com address. Very often, this proxy software is installed surreptitiously, such as through a “Free VPN” service or mobile app.

Scams 247

Scams DDOS Cryptocurrency Accountability 247

The Last Watchdog

JUNE 4, 2019

and Tenable, which went public in 2018 with a market capitalization of approximately $4 billion. has also attracted a powerful and growing flow of venture capital to the region – about $1 Billion in 2018 and growing at an incredible pace. Two notable examples are Sourcefire, acquired by Cisco for $2.7B

Cybersecurity 193

Cybersecurity Computers and Electronics Technology Marketing 193