Tag: Infosec

Critical FortiOS & FortiProxy – Heap buffer overflow Vulnerability

Critical FortiOS – FG-IR-23-097: Fortinet released security updates to address a heap-based buffer overflow vulnerability [CVE-2023-27997] in FortiOS. An attacker could exploit this vulnerability to take control of an affected system. Hackers are actively exploiting the latest Fortinet’s FortiOS and FortiProxy flaw, targeting government, manufacturing, and critical infrastructure sectors. Take immediate action and update to …

Continue reading

Advertisement

High Veeam Backup & Replication Vulnerability – CVE-2023-27532

Today, Veeam has released patches for Veeam Backup & Replication v11 and v12. A critical vulnerability (CVSSv3 7.5 – CVE-2023-27532) has been fixed and you should apply the patch as soon as possible. Unauthorized users may be able to request encrypted credentials from the Veeam Backup service, and therefore get access to the backup infrastructure. …

Continue reading

Advertisement

Critical FortiOS and FortiProxy Vulnerability – FG-IR-23-001

Critical FortiOS and FortiProxy Vulnerability – FG-IR-23-001: Fortinet has just announced a critical vulnerability in all versions. A buffer underwrite (‘buffer underflow’) vulnerability in FortiOS & FortiProxy administrative interface may allow a remote unauthenticated attacker to execute arbitrary code on the device and/or perform a DoS on the GUI, via specifically crafted requests. The impact …

Continue reading

Advertisement

Ransomware solution for VMware ESX

Updated February 8, 2023. CISA has released a data recovery script dubbed “ESXiArgs-Recover” in order to help users who have been affected by the massive worldwide ESXiArgs ransomware server attacks on VMWare’s vSphere: GitHub. _________ Hacker group used a method that we encountered for the first time. A super-intelligence who thinks they can only get …

Continue reading

Important Vulnerability in VMware ESXi

There is currently an encryption campaign targeting ESXi servers up to version 7.x via the CVE-2022-31696 vulnerability, which allows access to data on host systems.  

Continue reading

error

Enjoy this blog? Please spread the word :)