Last week, the UK’s National Cyber Security Centre (NCSC) reported that
The CVE-2018-13379 is a path traversal vulnerability in the FortiOS SSL VPN web portal that could be exploited by an unauthenticated attacker to download FortiOS system files. The CVE-2018-13379 flaw could be exploited to obtain administrator credentials in plain text.
The CVE-2019-11510 flaw in Pulse Connect Secure is a critical arbitrary file read vulnerability.
APT groups also exploit CVE-2018-13382, CVE-2018-13383, and CVE-2019-1579, in Palo Alto Networks products.
The vulnerabilities were first reported in July by researchers Orange Tsai and Meh Chang from DEVCORE that found several flaws in Fortinet, Palo Alto Networks and Pulse Secure products. The issues could be exploited by threat actors to access corporate networks and steal sensitive documents
Microsoft researchers recently reported that the APT5
Now NSA is warning of multiple state-sponsored
“Multiple Nation State Advanced Persistent Threat (APT) actors have
“If a malicious actor previously exploited the vulnerability to collect legitimate credentials, these credentials would still be valid after patching.
Both NCSC or NSA intelligence agencies confirmed that APT groups targeted several sectors, including military, government, academic, business and healthcare. The security advisories published by the agencies did not name any APTs leveraging the above VPN vulnerabilities.
(SecurityAffairs – VPN vulnerabilities, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.