Outbreak Alerts

FortiGuard Outbreak Alerts will be the mechanism for communicating important information to customers and partners. When a cybersecurity incident/attack/event occurs that has large ramifications to the cybersecurity industry and affects numerous organizations, this page will be updated with a link to the individual FortiGuard Outbreak Alert. That Alert will include:

  • An explanation of the attack, its timeline and what specific technology was affected
  • Where applicable patches and/or mitigation recommendations can be found
  • What Fortinet products, if deployed, would break the attack sequence
  • What specific versions those Fortinet products need to be at to provide the protection
  • Threat Hunting tools from Fortinet to help you determine if you were affected
  • Related research from FortiGuard Labs
On May 7, Colonial Pipeline Company learned it was the victim of a cybersecurity attack and has since determined that the incident involved ransomware. Quickly after learning of the attack, Colonial proactively took certain systems offline to contain the threat. These actions temporarily halted...

May 14, 2021 Severity: High
The 2 most critical vulnerabilities allow a remote attacker with access to the user interface (or REST API via the user interface) to gain full control of the system and execute arbitrary system commands, create or delete files, and disable services. The most critical is unauthenticated....

Mar 25, 2021 Severity: Critical
Following initial compromise of the MS Exchange system, the attacker can execute the primary objective. From monitoring these incidents, a new family of ransomware has been detected. The threat is known as DoejoCrypt or DearCry.

Mar 16, 2021 Severity: High
Firstly, if you are running an un-patched on-premise Microsoft Exchange version, you should upgrade immediately! This is a critical vulnerability that allows an attacker to access a desired user’s mailbox, requiring only the e-mail address of the user they wish to target! These details and more...

Mar 12, 2021 Severity: Critical
Solarwinds [signed] software containing a planted vulnerability released in March 2020 as a regular (trusted) software patch. The backdoor was not discovered until the FireEye breach became public 9 months later.

Dec 15, 2020 Severity: Critical