C-DATA Web Management System RCE Attack
FortiGuard labs observed a critical level of attack attempts in the wild targeting a 2 year old vulnerability found on C-DATA Web Management Systems.
Akira Ransomware
FortiGuard Labs continue to observe detections in the wild related to the Akira ransomware group. According to the new report by CISA it has targeted over 250 organizations since the …
PAN-OS GlobalProtect Command Injection Vulnerability
The on-going attack on PAN-OS GlobalProtect devices identified as CVE-2024-3400 allows a malicious actor to remotely exploit an unauthenticated OS Command Injection vulnerability. Once established, the attacker can further collect …
Sunhillo SureLine Command Injection Attack
FortiGuard Labs continues to see targeted attacks affecting a vulnerability, identified as CVE-2021-36380, that enables a malicious actor to establish an interactive conduit, gaining command over the targeted system and …
Nice Linear eMerge Attack
Post Content
ConnectWise ScreenConnect Attack
Threat actors including ransomware gangs are seen exploiting newly discovered critical flaws in remote monitoring and management software called ScreenConnect.
Outbreak Alert Annual Report 2023
Post Content
Ivanti Connect Secure and Policy Secure Attack
Widespread exploitation of two zero-day vulnerabilities affecting Ivanti Connect Secure (ICS) and Policy Secure gateways underway.
Androxgh0st Malware Attack
FortiGuard Labs continue to observe widespread activity of Androxgh0st Malware in the wild exploiting multiple vulnerabilities, specifically targeting- the PHPUnit (CVE-2017-9841), Laravel Framework (CVE-2018-15133) and Apache Web Server (CVE-2021-41773) to …
Adobe ColdFusion Access Control Bypass Attack
FortiGuards labs observed critical level of exploitation attempts relating to security bypass vulnerabilities in Adobe ColdFusion. Successful exploitation could result in access of the ColdFusion Administrator endpoints.