Threat Signal
The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.
Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.
Name
Description
Updated Date
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040)
What is the Vulnerability ? A zero-day security vulnerability has been uncovered in an enterprise...
Apr 26, 2024
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359)
What is the Attack? Cisco issued an advisory on 24th April, regarding its Adaptive Security Appliances,...
Apr 24, 2024
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259)
What is the Akira Ransomware Attack? The Akira ransomware attack has been actively and widely impacting...
Apr 19, 2024
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400)
What is the vulnerability/attack? A critical unauthenticated remote code injection vulnerability in the...
Apr 12, 2024
XZ Utils Supply Chain Attack (CVE-2024-3094)
What is the vulnerability/attack? A malicious code was discovered embedded in the XZ Utils, a data...
Apr 01, 2024
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256)
What is the vulnerability? Cyber threat actors are actively targeting Linear eMerge E3-Series to exploit a...
Mar 26, 2024
Kimsuky Malware Attack
What is the Kimsuky Malware Attack? Kimsuky, officially known as the Kim Suky Group, is a cyber-espionage...
Mar 25, 2024
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897)
What is the Vulnerability? Cyber threat actors are actively targeting Jenkins, a Java-based open-source...
Mar 12, 2024
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199)
What are the Vulnerabilities? Two new vulnerabilities affecting JetBrains TeamCity CI/CD server have been...
Mar 12, 2024
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)
What is the Vulnerability? On February 19, 2024, ConnectWise published a security advisory for their...
Feb 22, 2024
Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410)
What is the Vulnerability? Microsoft disclosed a critical security flaw in the Exchange Server. Tracked as...
Feb 16, 2024
Atlassian Confluence Remote Code Execution (CVE-2023-22527)
What is the Vulnerability? On Jan 16 2024, Atlassian released an advisory for a template injection...
Feb 01, 2024
Ivanti Connect Secure and Policy Secure Gateways Zero-day Vulnerabilities (CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, CVE-2024-21893)
What is the Vulnerability? Ivanti recently published an advisory on two vulnerabilities on Jan 10, 2024...
Jan 18, 2024
Adobe ColdFusion Access Control Bypass (CVE-2023-26347, CVE-2023-38205)
What is the vulnerability? The Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier)...
Jan 15, 2024
Microsoft SharePoint Server Elevation of Privilege Vulnerability (CVE-2023-29357)
What is the vulnerability? A vulnerability in Microsoft SharePoint Server is actively being exploited and...
Jan 10, 2024