Hot Off the Press

Filters

Showing 19–24 of 177 results

Fortinet FortiOS, FortiProxy, and FortiSwitch Manager Authentication Bypass Vulnerability under Active…

October 17, 2022 | News Mention

NHS: 10/17/22 The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-40684 to their Known Exploited Vulnerabilities Catalog. A proof-of-concept has also been made public by Horizon3.ai. Read the entire article here

Concerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows

October 14, 2022 | News Mention

Dark Reading: 10/14/22 James Horseman, exploit developer at Horizon3.ai says public data from GreyNoise—which tracks Internet scanning activity hitting security tools—shows the number of unique IPs using the exploit has grown from the single digits a few days ago, to over forty as of Oct. 14. Read the entire article here

Attackers Exploiting Critical Fortinet Authentication Bypass

October 14, 2022 | News Mention

Decipher: 10/14/22 “An attacker can use this vulnerability to do just about anything they want to the vulnerable system. This includes changing network configurations, adding new users, and initiating packet captures. Note that this is not the only way to exploit this vulnerability and there may be other sets of conditions that work,” James Horseman of Horizon3.ai, an offensive security...

PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin

October 14, 2022 | News Mention

Security Week: 10/14/22 Penetration testing company Horizon3.ai has made public a PoC exploit that allows an attacker to add an SSH key to the admin user, enabling the attacker to access the targeted system with administrator privileges. The firm has also released technical details, and others have created templates for vulnerability scanners. Read the entire article here

PoC Exploit Released for Critical Fortinet Auth Bypass Bug Under Active Attacks

October 14, 2022 | News Mention

The Hacker News: 10/14/22 “FortiOS exposes a management web portal that allows a user to configure the system,” Horizon3.ai researcher James Horseman said. “Additionally, a user can SSH into the system which exposes a locked down CLI interface.” Read the entire article here

Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount

October 14, 2022 | News Mention

HelpNetSecurity: 10/14/22 Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, and soon after exploitation attempts started rising. Read the entire article here

« Previous
1
2
3
4
5
6
…
30
Next »

How can NodeZero help you?

Let our experts walk you through a demonstration of NodeZero, so you can see how to put it to work for your company.

Schedule a Demo

Security Strategies

Industry Insights

Attack Research

Attack Content

Security Strategies

Industry Insights

Attack Research

Attack Content

Hot Off the Press

Filters

How can NodeZero help you?