Phoenix IT

Category: Firewall Security

Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces

Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. “The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VPN authentication through those accounts, and various other configuration changes,” cybersecurity firm Arctic Wolf said in an

Read More
India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

The Indian government has published a draft version of the Digital Personal Data Protection (DPDP) Rules for public consultation. “Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent,” India’s Press Information Bureau (PIB) said in a statement released Sunday. “Citizens are empowered with rights to demand data erasure, appoint digital nominees,

Read More
FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices

FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices

An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. “Disguised as a fake ‘Telegram Premium’ app, it is distributed through a GitHub.io-hosted phishing site that impersonates RuStore – a popular app store in the Russian

Read More
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution

Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution

A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It impacts all versions of Nuclei later than 3.0.0. “The

Read More