1. Home
  2. Discover
  3. Technology
  4. The Hacker News
  5. New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

The Hacker News Daily Updates
Newsletter
cover

3 Real-World Challenges Facing Cybersecurity Organizations: How an Exposure Management Platform Can Help

Security programs today are reactive when they should be proactive

Download Now Sponsored
LATEST NEWS Mar 9, 2023

Does Your Help Desk Know Who's Calling?

Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet – and continues to plague organizations today, accounting for more than 30% of all known breaches. And with the mass migration to remote working during the pandemic, hackers have ramped up their efforts to steal login credentials as they ...

Read More
Twitter Facebook LinkedIn

Iranian Hackers Target Women Involved in Human Rights and Middle East Politics

Iranian state-sponsored actors are continuing to engage in social engineering campaigns targeting researchers by impersonating a U.S. think tank. "Notably the targets in this instance were all women who are actively involved in political affairs and human rights in the Middle East region," Secureworks Counter Threat Unit (CTU) said in a report shared with The Hacker News. The ...

Read More
Twitter Facebook LinkedIn

ICS Village & GRIMM Cyber Team Up for Interactive CyPhy™ Experience at RSAC

GRIMM's interactive approach to learning, coupled with ICS Village's mission for awareness, delivers a compelling experience using real IT and industrial equipment. RSAC attendees can visit our ICS sandbox and explore our CyberTown virtual ...

Read More
Twitter Facebook LinkedIn

New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic

The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain commences with successful exploitation of susceptible Oracle WebLogic servers to download a PowerShell script that contains ScrubCrypt. Crypters are a type of software that can ...

Read More
Twitter Facebook LinkedIn

New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a threat actor to take control of affected systems. The issue, tracked as CVE-2023-25610, is rated 9.3 out of 10 for severity and was internally discovered and reported by its security teams. "A buffer underwrite ('buffer underflow') vulnerability ...

Read More
Twitter Facebook LinkedIn

Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks

A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems. The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened CorePlague by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 ...

Read More
Twitter Facebook LinkedIn

Syxsense Platform: Unified Security and Endpoint Management

As threats grow and attack surfaces get more complex, companies continue to struggle with the multitude of tools they utilize to handle endpoint security and management. This can leave gaps in an enterprise's ability to identify devices that are accessing the network and in ensuring that those devices are compliant with security policies. These gaps are often seen in outdated spreadsheets ...

Read More
Twitter Facebook LinkedIn

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's widely used by public institutions and universities, the re-infiltration in October 2022 involved ...

Read More
Twitter Facebook LinkedIn
cover

3 Real-World Challenges Facing Cybersecurity Organizations: How an Exposure Management Platform Can Help

Security programs today are reactive when they should be proactive

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

US think tank infamous cryptocurrency miner group Secureworks Counter Threat Unit susceptible Oracle WebLogic servers South Korean Financial Entity financial business entity Middle East Politics Middle East region New Critical Flaw Iranian statesponsored actors A buffer underwrite Jenkins Security Alert severe security vulnerabilities cloud security firm social engineering campaigns Interactive CyPhy Experience Fortinet FortiGuard Labs one critical vulnerability Exposure Management Platform Code Execution Attacks New ScrubCrypt Crypter New Security Flaws

Older messages

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

Wednesday, March 8, 2023

The Hacker News Daily Updates Newsletter cover Solutions Demo: CyberArk Workforce Password Management Attackers used to focus mainly on privileged users' credentials. But now they'll target

Warning! Shein's Android App Caught Transmitting Your Private Data!

Tuesday, March 7, 2023

The Hacker News Daily Updates Newsletter cover The Threat Profiler's Playbook: 6 Steps to Uncovering Ransomware (& Other Nefarious Activity) How much do you understand about the threats you

Experts Discover Security Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm

Monday, March 6, 2023

The Hacker News Daily Updates Newsletter cover The Hacker News Webinar: A MythBusting Special -- 9 Myths about File-based Threats Say goodbye to the myths and hello to the facts - Register for our

Breaking: Mexican Banks Hit by FiXS ATM Malware

Saturday, March 4, 2023

The Hacker News Daily Updates Newsletter cover The Hacker News Webinar: A MythBusting Special -- 9 Myths about File-based Threats Say goodbye to the myths and hello to the facts - Register for our

ALERT: New Flaws in TPM 2.0 Library Could Be Putting Your Business and IoT Devices in Danger!

Friday, March 3, 2023

The Hacker News Daily Updates Newsletter cover Why EDR isn't Enough to Stop Cyberattacks How CyberArk Endpoint Privilege Manager™ Tackles EDR Gaps Download Now Sponsored LATEST NEWS Mar 3, 2023 New

Llama.cpp 30B runs with only 6GB of RAM now — and CDC team studying East Palestine train derailment fell ill during investigation

Saturday, April 1, 2023

Issue #1089 — Top 20 stories of April 02, 2023 Issue #1089 — April 02, 2023 You receive this email because you are subscribed to Hacker News Digest. You can open it in the browser if you prefer. 1

Daily Coding Problem: Problem #1062 [Easy]

Saturday, April 1, 2023

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Google. Given the head of a singly linked list, swap every two nodes and return its head

Animated Map | The Largest Cities Throughout History 🌃

Saturday, April 1, 2023

Where were the largest cities in the world throughout history? This video shows the rise (and fall) of the most populated cities from 3000 BCE. View Online | Subscribe FEATURED STORY The Largest Cities

How to Enable Dark Mode in Real Life

Saturday, April 1, 2023

Did You Know?: Graphene was first observed, via electron microscope, in 1962 and studied only while supported on metal surfaces. The material was later rediscovered, isolated, and characterized in 2004

Noonification: The Birth of an AI Martyr

Saturday, April 1, 2023

Top Tech Content sent at Noon! Invest in the company that's democratizing VC How are you, @hacker? 🪐 What's happening in tech this week: The Noonification by HackerNoon has got you covered with

Week in Review - Virgin Orbit runs low on cash, ByteDance pushes a TikTok replacement, and Canoo settles with the SEC

Saturday, April 1, 2023

TechCrunch Newsletter TechCrunch logo Week in Review logo By Kyle Wiggers Saturday, April 01, 2023 It's the weekend, party people, and you know what that means: It's Week in Review (WiR) time.

Startups Weekly - Always be prompting

Saturday, April 1, 2023

TechCrunch Newsletter TechCrunch logo Startups Weekly logo By Natasha Mascarenhas Saturday, April 01, 2023 Welcome to Startups Weekly, a nuanced take on this week's startup news and trends by

🐍 New Python tutorials on Real Python

Saturday, April 1, 2023

Hey there, There's always something going on over at realpython.com as far as Python tutorials go. Don't miss out on the opportunity to learn something new and sharpen your Python skills.

A Musical War of the Worlds 🛸

Saturday, April 1, 2023

The story of perhaps the most audacious rock opera of all time. Here's a version for your browser. Hunting for the end of the long tail • April 01, 2023 Hey all, Ernie here with a fresh one from

Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation

Saturday, April 1, 2023

The Hacker News Daily Updates Newsletter cover 7 Key Takeaways to Passwordless Authentication Moving Past Passwords (At Last!) Download Now Sponsored LATEST NEWS Apr 1, 2023 Microsoft Fixes New Azure