Resource Center
Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.
Filters
Showing 211–216 of 473 results
Fortinet attacks escalate as company warns large swath of customers to upgrade
Cybersecurity Dive: 10/17/22 The number of unique IPs using the exploit has gone from single digits when the vulnerability was originally announced to about 200. Read the entire article here
Read More Fortinet triple-whammy CVE gets PoC, deep dive explanation
The Register: 10/17/22 A critical flaw in Fortinet’s FortiOS, FortiProxy and FortiSwitchManager has been patched, but for those of a curious nature security firm Horizon3.ai has released a proof of concept for the exploit, as well as explaining how it works. Read the entire article here
Read More Fortinet FortiOS, FortiProxy, and FortiSwitch Manager Authentication Bypass Vulnerability under Active…
NHS: 10/17/22 The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-40684 to their Known Exploited Vulnerabilities Catalog. A proof-of-concept has also been made public by Horizon3.ai. Read the entire article here
Read More Concerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows
Dark Reading: 10/14/22 James Horseman, exploit developer at Horizon3.ai says public data from GreyNoise—which tracks Internet scanning activity hitting security tools—shows the number of unique IPs using the exploit has grown from the single digits a few days ago, to over forty as of Oct. 14. Read the entire article here
Read More Attackers Exploiting Critical Fortinet Authentication Bypass
Decipher: 10/14/22 “An attacker can use this vulnerability to do just about anything they want to the vulnerable system. This includes changing network configurations, adding new users, and initiating packet captures. Note that this is not the only way to exploit this vulnerability and there may be other sets of conditions that work,” James Horseman of Horizon3.ai, an offensive security...
Read More PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin
Security Week: 10/14/22 Penetration testing company Horizon3.ai has made public a PoC exploit that allows an attacker to add an SSH key to the admin user, enabling the attacker to access the targeted system with administrator privileges. The firm has also released technical details, and others have created templates for vulnerability scanners. Read the entire article here
Read More