Fortinet has issued a warning about active exploitation of a five-year-old vulnerability in FortiOS SSL VPN (CVE-2020-12812) that allows attackers to bypass two-factor authentication under certain configurations, especially involving LDAP integration and case-sensitive username matching. Organizations are advised to update their systems or disable username sensitivity to mitigate the risk, and to contact support if they suspect exploitation.
Following an FBI warning about 2FA bypass attacks, Qantas confirmed a cyberattack that exposed personal data of six million customers, highlighting the increasing threat to the airline industry and the importance of cybersecurity vigilance.
Following an FBI warning about 2FA bypass attacks, Qantas experienced a data breach affecting six million customers through a third-party platform, highlighting the increasing threat of targeted cyberattacks in the airline industry. Experts emphasize the importance of robust cybersecurity measures and cautious communication to mitigate risks and maintain trust.
The FBI has issued a warning about the Scattered Spider threat group, which is expanding its attacks into the transportation and airline sectors by using social engineering to bypass multi-factor authentication, with a focus on impersonation and supply chain vulnerabilities. The group, linked to ransomware activities and collaborating with other threat actors, is also targeting the insurance industry, emphasizing the need for organizations to follow strict security protocols and remain vigilant against sophisticated social engineering tactics.
The FBI has issued a warning about the Scattered Spider threat group, which is expanding its cyberattacks across sectors like aviation and insurance by using social engineering to bypass multi-factor authentication, posing significant risks to organizations and supply chains.
The FBI has issued a warning about the Scattered Spider threat group, which is expanding its targeting to the airline industry and using social engineering to bypass multi-factor authentication (2FA), posing a significant cybersecurity risk across sectors including transportation and retail.
