virus logo Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

 Date

Total: 325

Name
Description
Updated Date
Akira Ransomware Attack
What is the Akira Ransomware Attack? The Akira ransomware attack has actively and widely impacting...
Apr 19, 2024
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400)
What is the vulnerability/attack? A critical unauthenticated remote code injection vulnerability in the...
Apr 12, 2024
XZ Utils Supply Chain Attack (CVE-2024-3094)
What is the vulnerability/attack? A malicious code was discovered embedded in the XZ Utils, a data...
Apr 01, 2024
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256)
What is the vulnerability? Cyber threat actors are actively targeting Linear eMerge E3-Series to exploit a...
Mar 26, 2024
Kimsuky Malware Attack
What is the Kimsuky Malware Attack? Kimsuky, officially known as the Kim Suky Group, is a cyber-espionage...
Mar 25, 2024
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897)
What is the Vulnerability? Cyber threat actors are actively targeting Jenkins, a Java-based open-source...
Mar 12, 2024
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199)
What are the Vulnerabilities? Two new vulnerabilities affecting JetBrains TeamCity CI/CD server have been...
Mar 12, 2024
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)
What is the Vulnerability? On February 19, 2024, ConnectWise published a security advisory for their...
Feb 22, 2024
Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410)
What is the Vulnerability? Microsoft disclosed a critical security flaw in the Exchange Server. Tracked as...
Feb 16, 2024
Atlassian Confluence Remote Code Execution (CVE-2023-22527)
What is the Vulnerability? On Jan 16 2024, Atlassian released an advisory for a template injection...
Feb 01, 2024
Ivanti Connect Secure and Policy Secure Gateways Zero-day Vulnerabilities (CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, CVE-2024-21893)
What is the Vulnerability? Ivanti recently published an advisory on two vulnerabilities on Jan 10, 2024...
Jan 18, 2024
Adobe ColdFusion Access Control Bypass (CVE-2023-26347, CVE-2023-38205)
What is the vulnerability? The Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier)...
Jan 15, 2024
Microsoft SharePoint Server Elevation of Privilege Vulnerability (CVE-2023-29357)
What is the vulnerability? A vulnerability in Microsoft SharePoint Server is actively being exploited and...
Jan 10, 2024
Apache OFBiz Authentication Bypass (CVE-2023-51467, CVE-2023-49070)
What is the vulnerability? There is an authentication bypass vulnerability in Apache OFBiz tracked under...
Jan 08, 2024
Google Chrome Heap buffer overflow (CVE-2023-7024)
What is the Vulnerability? A zero-day vulnerability in Google Chrome is actively exploited in the wild....
Dec 21, 2023