Vulnerable Fortinet FortiOS System Expose VPN’s Credentials

Posted by & filed under Ειδοποιήσεις.

In a joint alert, CISA and the FBI note nation-state actors are scanning for FortiOS vulnerabilities tracked as CVE-2018-13379, CVE-2020-12812 and CVE-2019-5591 for initial attacks. The alert does not disclose details on the threat actors, but it says the agencies have detected a surge in scanning activities for the vulnerabilities since March. The agencies say the… Read more »

Hackers are fighting a war over 300K vulnerable WordPress sites

Posted by & filed under Ειδοποιήσεις.

Attackers who are actively exploiting a critical remote code execution flaw affecting over 600,000 of WordPress sites running vulnerable File Manager plugin versions have also been seen protecting the sites they compromise from other threat actors’ attacks. The critical vulnerability allows unauthenticated attackers to upload malicious PHP files and execute arbitrary code following successful exploitation [1, 2, 3]. File Manager’s… Read more »