Tag

Fortinet

All articles tagged with #fortinet

security19 days ago•3 min saved

Fortinet SSL VPN and FortiGate vulnerabilities under active attack

Fortinet has issued a warning about active exploitation of a five-year-old vulnerability in FortiOS SSL VPN (CVE-2020-12812) that allows attackers to bypass two-factor authentication under certain configurations, especially involving LDAP integration and case-sensitive username matching. Organizations are advised to update their systems or disable username sensitivity to mitigate the risk, and to contact support if they suspect exploitation.

via The Hacker News|

#2fa-bypass #cve-2020-12812 #fortinet

finance5 months ago•3 min saved

Top Stock Movers to Watch Today: Eli Lilly, Fortinet, Airbnb, and More

Stocks declined following Trump's tariffs and higher-than-expected jobless claims, with notable movements including Eli Lilly dropping 14% after weight-loss pill data, Fortinet falling 25% despite strong earnings, and Sunrun soaring 32% on robust earnings. Other significant changes involved AppLovin, Airbnb, Peloton, Vistra, DraftKings, Duolingo, Lyft, and Zillow, reflecting mixed earnings results and outlooks amid economic uncertainties.

via Barron's|

#airbnb #eli-lilly #finance

cybersecurity1 year ago•2 min saved

Winos4.0 Malware Targets Windows Gamers via Game Apps

Cybercriminals are exploiting gaming applications to distribute Winos4.0, a malicious software framework that allows full control over infected Windows machines. This malware, derived from Gh0strat, is similar to Cobalt Strike and Sliver, and is used in campaigns like Silver Fox, linked to Chinese state actors. The attack involves multiple stages, starting with a gaming-related lure and progressing through DLL injections and C2 communications, ultimately establishing a persistent backdoor for data theft and system control. Fortinet advises downloading software only from trusted sources to avoid such threats.

via The Register|

#cyberattack #cybersecurity #fortinet

cybersecurity1 year ago•1 min saved

"Fortinet Addresses Critical Vulnerabilities Across FortiClientLinux and Other Products"

Fortinet has released critical security patches to address a vulnerability in FortiClientLinux that could allow arbitrary code execution. The vulnerability, tracked as CVE-2023-45590, affects specific versions of FortiClientLinux and is attributed to an "Improper Control of Generation of Code" flaw. Additionally, Fortinet's April 2024 security patches also resolve issues with FortiClientMac installer and FortiOS/FortiProxy, emphasizing the importance of keeping systems up-to-date to mitigate potential threats.

via The Hacker News|

#code-execution #cybersecurity #fortinet

cybersecurity1 year ago•0 min saved

"Fortinet's Latest Security Updates and Vulnerability Patches"

Fortinet has released security updates for multiple products, as announced by the Cybersecurity and Infrastructure Security Agency (CISA). The updates aim to address vulnerabilities and enhance the security of the affected products, emphasizing the importance of promptly applying these updates to mitigate potential risks.

via CISA|

#cisa #cyber-defense #cybersecurity

cybersecurity1 year ago•1 min saved

"Fortinet FortiOS Bug CVE-2024-21762 Affects 150,000 Internet-Facing Devices"

A critical vulnerability, CVE-2024-21762, in Fortinet FortiOS SSL VPN could potentially impact 150,000 exposed devices, with the majority located in the United States. The vulnerability, which allows for remote code execution, has been actively exploited in attacks in the wild. Fortinet has recommended disabling SSL VPN as a workaround and has provided a list of impacted versions and available solutions. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog, and researchers continue to monitor the situation.

via Security Affairs|

#cve-2024-21762 #cyberattack #cybersecurity

cybersecurity1 year ago•1 min saved

"Fortinet Flaw Exposes 150,000 Devices to Critical Vulnerability"

Approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows code execution without authentication. The vulnerability is actively being exploited by attackers, with over 24,000 vulnerable devices in the United States alone. Companies are advised to check their SSL VPN systems for vulnerability and take necessary mitigation steps to protect their networks.

via BleepingComputer|

#cve-2024-21762 #cybersecurity #exploitation

cybersecurity1 year ago•2 min saved

"Fortinet's Ongoing Battle: Exploited RCE Flaws and Urgent Patching"

CISA confirms active exploitation of a critical remote code execution (RCE) bug (CVE-2024-21762) in Fortinet's FortiOS operating system, urging immediate patching or SSL VPN disabling to mitigate risks. Fortinet's confusing disclosure process regarding other RCE vulnerabilities (CVE-2024-23108 and CVE-2024-23109) in FortiSIEM was clarified, emphasizing the need to secure all Fortinet devices due to the high likelihood of exploitation by malicious actors for cyber espionage and ransomware attacks.

via BleepingComputer|

#cisa #cve-2024-21762 #cybersecurity

technology1 year ago•5 min saved

"Fortinet's Critical Flaws: Urgent Patching Needed Amid Ongoing Exploitation"

Fortinet faced a tumultuous week with the disclosure of critical security vulnerabilities in its FortiOS, including an SSL VPN flaw that allows for remote code execution. The company also faced backlash for a confusing double bug disclosure and a disputed claim about toothbrushes being used in a DDoS attack. Fortinet's delayed and conflicting responses to these issues have drawn criticism, while security researchers urge users to patch vulnerable VPNs and upgrade to fixed releases.

via The Register|

#cybersecurity #disclosure #fortinet

technologysecurity1 year ago•2 min saved

"Fortinet Issues Urgent Warning on Active Exploitation of Critical SSL VPN Flaws"

Fortinet has disclosed a critical security flaw in FortiOS SSL VPN, likely being actively exploited, allowing for the execution of arbitrary code and commands. The vulnerability impacts multiple versions of FortiOS, and patches have been issued for other CVEs affecting FortiSIEM supervisor. Recent reports reveal Chinese state-sponsored actors exploiting known flaws in Fortinet devices, underscoring the growing threat faced by internet-facing edge devices lacking endpoint detection and response support.

via The Hacker News|

#cybersecurity #exploitation #fortinet

cyber-threat-network-security1 year ago•3 min saved

"Critical Security Patches Address Flaws in Cisco Unified Communications and Networking Products"

Cisco, Fortinet, and VMware have released critical security patches to address multiple vulnerabilities in their products, including CSRF attacks on Cisco Expressway Series, bypasses for a critical flaw in FortiSIEM supervisor, and moderate-to-important severity flaws in VMware Aria Operations for Networks. Organizations are urged to apply the patches promptly to mitigate the risks associated with these vulnerabilities.

via The Hacker News|

#cisco #cyber-threat-network-security #fortinet

business1 year ago•0 min saved

Fortinet's Strong Financials Propel Cybersecurity Stocks to New Heights

Fortinet's strong financial performance has given a boost to cybersecurity stocks, following previous disappointments in the group's outlook.

via CNBC|

#business #cybersecurity #financials

finance1 year ago•3 min saved

"Fortinet Leads Cybersecurity Stocks Surge with Strong Q4 Earnings and SASE Growth"

Fortinet exceeds Q4 earnings expectations with an 8.5% revenue increase, Hilton surpasses earnings estimates but issues a cautious 2024 outlook due to softening travel demand, and Target is reportedly developing a paid subscription program to rival Amazon Prime and Walmart+.

via Yahoo Finance|

#cybersecurity #finance #fortinet

businessfinance1 year ago•1 min saved

Fortinet Surges on Strong Q4 Performance and Earnings Beat

Fortinet's stock surged after the company reported better-than-expected Q4 financial results, with earnings of 51 cents per share and sales of $1.42 billion, representing a 10.68% increase over last year. CEO Ken Xie highlighted strong growth in Security Operations and SASE billings, and the company's position as a leader in Secure Networking and firewall deployment. Fortinet's outlook for Q1 and full-year 2024 also exceeded estimates, with anticipated revenue between $5.71 billion and $5.81 billion and adjusted EPS of $1.65 to $1.70.

via Yahoo Finance|

#businessfinance #cybersecurity #earnings

stock-market2 years ago•1 min saved

"Cramer Advises Caution on UiPath: 'Do Not Touch'"

Jim Cramer advises against investing in UiPath due to concerns, recommends Palo Alto Networks over Fortinet, warns against Diageo, and suggests buying Textron as it is undervalued. Cramer also mentions that Target's stock would be higher if not for theft.

via CNBC|

#fortinet #palo-alto-networks #prudential