Weekly Threat Briefs

FortiGuard Labs uses its industry leading global infrastructure of threat sensors, honeypots, and collectors to provide you with the largest source of data of any pure play network security vendor. Data is collected from all of these sources on a continual basis and analyzed by Fortinet’s world-wide team of analysts to provide you with a weekly recap of the incidents and threats you care the most about.

On this page you will find an archive of our weekly Threat Intelligence Briefs, as well as the ability to sign up to receive these briefs every Friday. Join the thousands of other security-minded professionals who receive these weekly briefs!

On September 16, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and United States Coast Guard Cyber Command (CGCYBER) released a new joint advisory Alert (AA21-259A), titled APT Actors Exploiting Newly Identified Vulnerability in...

Sep 24, 2021
On September 7, 2021, Microsoft disclosed an unpatched remote code execution vulnerability in Microsoft MSHTML affecting multiple Microsoft Windows platforms. MSHTML, also referred to as Trident, is the Microsoft legacy browser engine for Internet Explorer, specific to Microsoft Windows...

Sep 17, 2021
Malicious Actor Discloses FortiGate SSL-VPN Credentials – Fortinet has become aware that a malicious actor has recently disclosed SSL-VPN access information to 87,000 FortiGate SSL-VPN devices. These credentials were obtained from systems that remained unpatched against FG-IR-18-384 /...

Sep 10, 2021
A year of suffering best describes Microsoft Exchange Server in 2021. The year started off with ProxyLogon, a zero-day vulnerability (CVE-2021-26855) that was abused, along with three other unpatched vulnerabilities, by a nation-state actor dubbed HAFNIUM. Then ProxyOracle was disclosed by...

Sep 03, 2021