Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. “An improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerability [CWE-89] in FortiClientEMS may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted requests,”
Read More
Volt Typhoon has been known to ‘commonly’ exploit vulnerabilities in network appliances from certain vendors, according to an advisory from CISA, the FBI and the NSA. U.S. agencies warned Wednesday that China-linked threat group Volt Typhoon has been known to obtain initial access to targeted IT infrastructure by exploiting network appliances from vendors including Fortinet,
Read More
Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It’s distributed by
Read More
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations. The findings come from a report published by Microsoft in collaboration with OpenAI, both of which said they disrupted efforts made by five state-affiliated actors that used its AI
Read More
Our mission is to educate our customer base, build capacity in every country we operate in and make cyber security affordable to all