Fortinet, a major cybersecurity company, had a week filled with security vulnerabilities, disclosure mishaps, and a toothbrush DDoS attack claim. The week started with the disclosure of two critical security vulnerabilities in FortiSIEM, which were mistakenly linked to a previous advisory and then later confirmed to be new vulnerabilities. The company took more than 73 hours to issue an official response, which was considered unprofessional. In addition to this, a critical security vulnerability in FortiOS, impacting its SSL VPN, was disclosed. This vulnerability allows remote unauthenticated attackers to achieve code execution and is believed to have already been exploited as a zero-day. Fortinet has urged users to patch vulnerable VPNs as soon as possible. The company was also tangled in a toothbrush DDoS attack claim, which turned out to be a hypothetical situation that was misinterpreted by the media. Overall, Fortinet’s week was plagued with security issues and mishandled disclosures.
Fortinet’s week: a forgettable glance
Latest from News
OpenStack Nova flaw lets hackers infiltrate cloud servers without permission
TLDR: A vulnerability in OpenStack’s Nova component, tracked as CVE-2024-40767, allows hackers to gain unauthorized access to cloud servers. The vulnerability affects multiple versions
CrowdStrike alert: New phishing scam targets German customers
TLDR: – CrowdStrike warns of a new phishing scam targeting German customers. – Malicious installers distributed via a fake website impersonating a German entity.
Beware: NKorea Cyber Op Targets Military, Nuclear Secrets in UK, US, SKorea
Article Summary TLDR: UK, US, and S. Korea issued a warning about a North Korea-backed cyber espionage campaign The group Andariel has been targeting
Security leaders weigh in on SEC cyber disclosure ruling one year later
TLDR: One year after the SEC cyber disclosure ruling, security leaders weigh in on its impact. Security professionals reflect on the lack of significant
Viettel Cyber Security and Banbros Commercial Inc tackle emerging cyber threats
TLDR: Viettel Cyber Security and Banbros Commercial Inc. addressed emerging cyber threats in the Philippines at a launching event. The event focused on discussing