Resource Center
Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.
Filters
Showing 229–234 of 473 results
Fortinet warns that critical authentication bypass flaw has been exploited
ZDnet: 10/12/22 Security researchers with the Horizon3 Attack Team have published early indicators of compromise to help admins discover compromised devices. Read the entire article here
Read More CISA adds Fortinet bug to exploited vulnerabilities list
The Record: 10/12/22 Zach Hanley, chief attack engineer at Horizon3.ai, told The Record that it’s hard to get a good idea of how common the appliances are used but said there are at least 10,000 vulnerable tools exposed to the internet. “Fortinet devices are some of the most popular appliances used by organizations worldwide, and based on the Shodan results the United...
Read More CISA adds Fortinet CVE to vulnerability catalog after attacks escalate
Cybersecurity Dive: 10/12/22 Fortinet has confirmed one instance of an organization being exploited, and Zach Hanley, chief attack engineer at Horizon3.ai, said a number of MSSP providers have indicated their customers may have been compromised. Read the entire article here
Read More 
FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass IOCs (CVE-2022-40684)
Introduction The recent FortiOS / FortiProxy / FortiSwitchManager CVE has been reportedly exploited in the wild. We would like to provide additional insight into the vulnerability so users can begin to determine if they have been compromised. In this post we discuss enabling logging and IOCs for FortiOS 7.2.1. These steps will likely work on other vulnerable products, however we...
Read More Fortinet issues emergency patches for FortiOS, FortiProxy and FortiSwitchManager
SiliconANGLE: 10/10/22 Fortinet Inc. today issued emergency patches for a number of its products after a severe vulnerability was discovered and exposed last week. Read the entire article here
Read More CVE-2022-40684 flaw in Fortinet products is being exploited in the wild
Security Affairs: 10/10/22 Fortinet has confirmed that the recently disclosed critical authentication bypass issue (CVE-2022-40684) is being exploited in the wild. Read the entire article here
Read More