Maggie: New Backdoor Targeting Microsoft SQL Servers
FortiGuard Labs is aware of reports that a new backdoor called "Maggie" targets Microsoft SQL servers. Maggie connects to Command and Control (C2) servers for...
CISA Advisory on Vulnerabilities Actively Exploited By Threat Actors Supported by China
On October 6, 2022, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) released a joint advisory...
LilithBot Sold as Malware-as-a-Service (MaaS)
FortiGuard Labs is aware of a report that the LilithBot malware is being sold as Malware-as-a-Service (MaaS) by a group called "Eternity". LilithBot is a...
CISA Adds CVE-2022-36804 to the Known Exploited Vulnerabilities Catalog
FortiGuard Labs is aware that the Cybersecurity & Infrastructure Security Agency (CISA) recently added CVE-2022-36804 (Atlassian Bitbucket Server and Data Center Command Injection Vulnerability) to...
Friday Squid Blogging: Emotional Support Squid
The Monterey Bay Aquarium has a video—”2 Hours Of Squid To Relax/Study/Work To“—with 2.4 million views. As usual, you can also use this squid post...
USN-5663-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could...
Report: Big U.S. Banks Are Stiffing Account Takeover Victims
When U.S. consumers have their online bank accounts hijacked and plundered by hackers, U.S. financial institutions are legally obligated to reverse any unauthorized transactions as...
Top 20 CVEs Exploited by People’s Republic of China State-Sponsored Actors (AA22-279A)
Top 20 CVEs Exploited by People's Republic of China State-Sponsored Actors (AA22-279A) CISA, the NSA and FBI issue a joint advisory detailing the top 20...
CVE-2022-21936
On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP...
CVE-2021-40166
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while...