X-Industry

Our friends at Fortinet, https://www.fortinet.com has patched a critical Remote Code Execution (RCE) vulnerability in its FortiClient Enterprise Management Server (EMS) for managing endpoint devices.  The flaw, identified as CVE-2024-48788, stems from an SQL injection error in a direct-attached storage component of the server.  It gives unauthenticated attackers a way to execute arbitrary code and commands with system admin privileges on affected systems, using specially crafted requests.[1]

For

The human element is near and dear to my heart in the world of Cyber Security.  As cyberattacks intensify, more and more organizations recognize the need to have a strong security culture for all employees.  This cyber-aware workforce is a necessary addition to a skilled and knowledgeable security team and the use of advanced cybersecurity solutions.  Employees who know how to practice good cyber hygiene are increasingly seen as a crucial line of defense.

Bolstering cyber defenses will be import

The FortiGuard Labs team has discovered a new 0-day attack embedded in three PyPI packages (Python Package Index) called ‘colorslib’, ‘httpslib’, and “libhttps”.  These were found on 10 January 2023, by monitoring an open-source ecosystem.  The Python packages “colorslib” and “httpslib” were published on 7 January 2023, and “libhttps” was published on 12 January 2023.  All three were published by the same author, ‘Lolip0p’, as shown in the official PyPI repository.  ‘Lolip0p’ joined the reposito

Red Sky Alliance utilizes Fortinet collections, analysis, and support; this is important.  A vulnerability has been recently discovered in Fortinet's FortiOS, which could allow for arbitrary code execution.  FortiOS is the Fortinet’s proprietary operation system which is utilized across multiple product lines.  Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.  Users whose acc

A vulnerability has been discovered in FortiOS, FortiProxy and FortiSwitchManager, which could allow for authentication bypass on administrative interface.  FortiOS is the Fortinet’s proprietary Operation System which is utilized across multiple product lines. operation systemsFortiProxy is a secure web proxy that protects employees against internet-borne attacks by incorporating multiple detection techniques.  FortiSwitch Manager is an on-premise management platform for the FortiSwitch product.

New samples of the Ekans ransomware have revealed how today's cyber attackers are using a variety of methods to compromise key industrial companies.  Researchers from our friends at FortiGuard Labs have uncovered two samples of the Ekans ransomware strain that offer some additional insight into how the crypto-locking malware targets industrial control systems.[1] 

Ekans, which is also referred to as Snake[2], was first identified in February 2020 and early reports indicated that it had been desi