Cobalt Strike Delivered Through Fake Proof-of-Concept Code
FortiGuard Labs is aware of a report that a Cobalt Strike beacon was attempted to be delivered through a couple of fake Proof-of-Concept (POC) codes...
New ArguePatch Variant Attacks Ukraine
FortiGuard Labs is aware of a report that a new variant of ArguePatch malware was used in an attack against Ukraine. This ArguePatch variant includes...
CISA Warns VMware Vulnerabilities Exploited in the Wild Leading to Full System Compromise
FortiGuard Labs is aware that the Cybersecurity and Infrastructure Security Agency (CISA) CISA released an advisory on recently patched VMware vulnerabilities (CVE-2022-22954 and CVE-2022-22960) being...
USN-5444-1: Linux kernel vulnerability
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to...
Meet BlackByte Ransomware
FortiGuard Labs is aware of a relatively new ransomware family "BlackByte" is in the wild, infecting organizations around the globe. BlackByte was first observed as...
Nerbian RAT Leverages COVID-19 and WHO Themed Emails to Spread
FortiGuard Labs is aware that a new Remote Access Trojan (RAT) called Nerbian RAT was delivered to the targets via COVID-19 and World Health Organization...
USN-5442-1: Linux kernel vulnerabilities
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to...
USN-5443-1: Linux kernel vulnerabilities
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to...
CVE-2021-32962
The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to cross-site scripting, which may allow an attacker to remotely execute arbitrary code. Read...
CVE-2020-4926
A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of...