FortiGuard Labs

Latest News

Threat Signal Report

CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040)
Apr 26, 2024

What is the Vulnerability? A zero-day security vulnerability has been uncovered in the enterprise file-transfer software CrushFTP. The vulnerability tagged as CVE-2024-4040 is actively being...

Outbreak Alert

PAN-OS GlobalProtect Command Injection Vulnerability
Apr 26, 2024

The attack on PAN-OS GlobalProtect devices identified as CVE-2024-3400 allows a malicious actor to remotely exploit an unauthenticated command injection vulnerability that leads to remote code...

Outbreak Alert

C-DATA Web Management System RCE Attack
Apr 25, 2024

FortiGuard Labs observed a critical level of attack attempts in the wild targeting a 2-year-old vulnerability found on C-DATA Web Management System.

Threat Signal Report

ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359)
Apr 24, 2024

What is the Attack? Cisco issued an advisory on 24th April regarding its Adaptive Security Appliances, multifunctional devices combining firewall, VPN, and other security functions. It...

Outbreak Alert

Akira Ransomware
Apr 23, 2024

FortiGuard Labs continues to observe detections in the wild related to the Akira ransomware group. According to the new report by CISA, it has targeted over 250 organizations since the past year,...

Threat Signal Report

PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400)
Apr 12, 2024

What is the vulnerability/attack? A critical unauthenticated remote code injection vulnerability in the PAN-OS GlobalProtect Gateway was discovered. This vulnerability tracked under...

Outbreak Alert

Sunhillo SureLine Command Injection Attack
Apr 10, 2024

The attack on Sunhillo SureLine identified as CVE-2021-36380 allows a malicious actor to exploit an unauthenticated OS Command Injection vulnerability. Once established, the attacker can gain...

Threat Signal Report

XZ Utils Supply Chain Attack (CVE-2024-3094)
Apr 01, 2024

What is the vulnerability/attack? Malicious code was discovered embedded in XZ Utils, a data compression software included in major Linux distributions. This vulnerability tracked under...

Outbreak Alert

Nice Linear eMerge Command Injection Vulnerability
Mar 27, 2024

An access control system called Linear eMerge E3-Series is affected by an OS command injection flaw, tracked as CVE-2019-7256, that could allow an attacker to cause...

Threat Signal Report

Nice Linear eMerge Command Injection Vulnerability (CVE-2019-7256)
Mar 26, 2024

What is the vulnerability? Cyber threat actors are actively targeting Linear eMerge E3-Series to exploit a 5-year-old critical vulnerability. The vulnerability tracked as CVE-2019-7256 is a...

Threat Signal Report

Kimsuky Malware Attack
Mar 25, 2024

What is the Kimsuky Malware Attack? Kimsuky, officially known as the Kim Suky Group, is a cyber-espionage group linked to North Korea. The group has been active since at least 2012 and is...

Publications

[Nullcon Berlin 2024] The complexity of reversing Flutter applications
Mar 18, 2024

Flutter is a cross-platform application development platform. With the same codebase, developers write and compile native applications for Android, iOS, Windows, Linux... For reverse engineers, it...

Threat Signal Report

Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897)
Mar 12, 2024

What is the Vulnerability? Cyber threat actors are actively targeting Jenkins, a Java-based open-source automation server widely used by application developers. The critical vulnerability...

Threat Signal Report

JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199)
Mar 12, 2024

What are the Vulnerabilities? Two new vulnerabilities affecting the JetBrains TeamCity CI/CD server have been identified and tagged as CVE-2024-27198 and CVE-2024-27199. The most severe of the...

Outbreak Alert

ConnectWise ScreenConnect Attack
Mar 11, 2024

Threat actors, including ransomware gangs, are seen exploiting newly discovered critical flaws in the remote monitoring and management software ScreenConnect.

Outbreak Alert

Ivanti Connect Secure and Policy Secure Attack
Feb 29, 2024

Widespread exploitation of zero-day vulnerabilities affecting Ivanti Connect Secure and Policy Secure gateways is underway.

Threat Signal Report

Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410)
Feb 16, 2024

What is the Vulnerability? Microsoft disclosed a critical security flaw in the Exchange Server. Tracked as CVE-2024-21410, the issue has been described as a privilege escalation...

Outbreak Alert

Outbreak Alert - Annual Report 2023
Feb 14, 2024

FortiGuard Labs published a total of 38 Outbreak Alerts in the year 2023, comprising 23 Significant Vulnerabilities, 8 Targeted Attack Campaigns, 4 OT/IoT Threats and 3 Malware-related Threats...
