- Key Takeaways from Our Latest Global Threat Landscape Report 21 mai 2019
Fortinet announced the findings of the latest quarterly Global Threat Landscape Report. The research reveals that cybercriminals continue to evolve the sophistication of their attack methods, from tailored ransomware and custom coding for some attacks, to utilizing pre-installed tools or established infrastructure to maximize efficiency for their opportunities. …
- How SD-WAN Solutions Help Canadian Schools with WAN-Edge Transformation 21 mai 2019
SD-WAN is enhancing the way we educate. Discover why a number of Canadian school districts have turned to Fortinet Secure SD-WAN to comply with new regulations and enhance internet capabilities within their school systems.
- A Closer Look at Satan Ransomware’s Propagation Techniques 20 mai 2019
Satan ransomware first appeared in early 2017, and since then threat actors have been constantly improving the malware to infect its victims more effectively and to maximize its profits. Learn more about how this malware finds new targets to attack.
- Not all Secure SD-WAN Solutions are Created Equal 16 mai 2019
New NSS Labs research explains why having security built into an SD-WAN solution is the right approach for successful WAN Edge deployments. Learn more about the importance of security-driven networking and Fortinet’s Secure SD-WAN solution.
- Key Considerations for a Secure Cloud Migration 15 mai 2019
Addressing the challenges of cloud migration requires careful preparation. To establish a consistent security framework, organizations should consider these six steps as part of their migration strategy.
- How to Cost-Effectively Dynamically Analyze UEFI Malware 14 mai 2019
With the growing popularity of UEFI systems adversaries are starting to focus on exploiting this new attack surface. There is a pressing need for security researchers to be able to handle this threat. In this blog post, we examine how.
- Fortinet Operational Technology Security Trends Report 13 mai 2019
To increase efficiencies in places like manufacturing floors, energy production and delivery, or interconnected transportation systems, operational technology (OT) environments are being connected to the outside world. Find out how this presents new threats to OT organizations.
- The Problem with Too Many Security Options 9 mai 2019
In today’s meshed and increasingly perimeterless networks, security teams need to be able to identify everything connected to their ecosystem—which is a challenge with too many security solutions that do not work together.
- New Spam Attack Targets Romanian Corporation 8 mai 2019
The FortiGuard SE team has discovered an ongoing malicious spam campaign over the past few weeks. It uses a combination of a variant of the Fareit/Pony downloader together with the Formbook infostealer malware. Read this analysis report of the spam campaign.
- Fortinet Hosts Second Annual Federal Partner Forum 7 mai 2019
Fortinet is hosting its second annual Federal Partner Forum. Learn about the key themes Fortinet leaders will be discussing with our federal partner community.
- WPA3 Multiple Vulnerabilities 16 avril 2019
On April 10, 2019 a research paper by Mathy Vanhoef and Eyal Ronen was released documenting a series of potential vulnerabilities in implementations of WPA3 and EAP-pwd (RFC 5931). Details on EAP-pwd vulnerabilities have not yet been released. This advisory covers only WPA3 vulnerabilities.
- Aruba Instant Multiple Vulnerabilities 27 février 2019
Aruba has released updates to Aruba Instant (IAP) that address multiple serious vulnerabilities. The most significant vulnerability is rated CRITICAL with a CVSS score of 9.8.
- ClearPass Policy Manager Multiple Vulnerabilities 7 novembre 2018
Aruba has released an update to ClearPass Policy Manager that addresses multiple security vulnerabilities.
- Aruba BLE Radio Firmware Vulnerability 18 octobre 2018
A vulnerability exists in the firmware of embedded BLE radios that are part of all Aruba AP-3xx series access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP’s BLE radio and could then gain access to the AP’s console port. Aruba products are NOT affected by a similar vulnerability being tracked as CVE-2018-16986 …
- Apache Struts Vulnerability in ClearPass Policy Manager 24 août 2018
The Apache Struts group announced Struts version 2.3.35 on August 22, 2018.
Included in this update is a fix for one security vulnerability. Aruba ClearPass includes Apache Struts 2.3.34, but in a non-vulnerable configuration.
- Linux Kernel Vulnerabilities in ClearPass and AirWave 24 août 2018
Two Linux kernel vulnerabilities, known as “SegmentSmack” and “FragmentSmack”, have been publicly disclosed. The Linux kernel used by Aruba ClearPass Policy Manager and Aruba AirWave is affected. Other Aruba products are not affected.
- Return Of Bleichenbacher’s Oracle Threat (ROBOT) 28 mars 2018
The cryptography library used by Aruba Instant provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker may be able to recover private keys for X.509 certificates. This vulnerability is
referred to as “ROBOT.”
- ClearPass Policy Manager Multiple Vulnerabilities 21 mars 2018
Aruba has released an update to ClearPass Policy Manager that addresses four security vulnerabilities.
- Unauthorized Memory Disclosure through CPU Side-Channel Attacks (“Meltdown” and “Spectre”) 4 janvier 2018
- WPA2 Key Reinstallation Vulnerabilities (CVE-2017-13077) 16 octobre 2017
- Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780) 21 mai 2019
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit thi …
- Cisco Secure Boot Hardware Tampering Vulnerability 21 mai 2019
A vulnerability in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the ar …
- Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability 20 mai 2019
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect imp …
- Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability 20 mai 2019
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker …
- Cisco NX-OS Software SSH Key Information Disclosure Vulnerability 16 mai 2019
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user’s private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key expo …
- Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerabilities 16 mai 2019
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow a remote attacker to gain the ability to execute arbitrary code with elevated privileges on the underlying operating system. One of these issues, CVE-2019-1821, can be exploited by an unauthenticated attacker that has network access to t …
- Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability 15 mai 2019
A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM pack …
- Cisco AnyConnect Secure Mobility Client for Linux Out-of-Bounds Memory Read Vulnerability 15 mai 2019
A vulnerability in the HostScan component of Cisco AnyConnect Secure Mobility Client for Linux could allow an unauthenticated, remote attacker to read sensitive information on an affected system. The vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by crafting HTTP traffic for the affected component to downlo …
- Cisco Webex Network Recording Player Arbitrary Code Execution Vulnerabilities 15 mai 2019
Multiple vulnerabilities in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulner …
- Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability 15 mai 2019
A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series (Sx300) Managed Switches could allow an unauthenticated, remote attacker to cause the device to become low on system memory, which in turn could lead to an unexpected reload of the device and result in a denial of service (DoS) condition on an affected device. The vulnerability is due to a fa …
Google Online Security Blog