eSecurity Planet

FEBRUARY 12, 2024

Orca Security published a blog post about the vulnerabilities — its researchers discovered and reported the issues in Fall 2023, and Microsoft quickly patched them. February 8, 2024 FortiOS Sees Critical Vulnerability in SSL VPN Functionality Type of vulnerability: Arbitrary code execution by an unauthenticated user.

VPN 107

VPN Authentication Software Firewall 107

eSecurity Planet

JANUARY 11, 2024

Remote encryption performs ransomware encryption on a device beyond the security solutions monitoring for malicious activity. As endpoint security improved, attackers realized that these security solutions only work in two conditions. Sophos X-Ops illustrates how remote encryption operates beyond security tool detection.

Ransomware 120

Ransomware Encryption IoT VPN 120

eSecurity Planet

SEPTEMBER 5, 2023

Unpatched devices can give attackers privileged access to networks, particularly those set up as VPN virtual servers, ICA proxies, RDP proxies, or AAA servers. This major security weakness can allow unauthenticated attackers to execute code on vulnerable devices through the Internet-exposed J-Web configuration interface.

VPN 103

VPN Authentication Ransomware Antivirus 103

eSecurity Planet

MARCH 19, 2024

March 8, 2024 150,000 Fortinet Secure Web Gateways Remain Exposed Type of vulnerability: Arbitrary code execution (ACE). The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website.

Authentication 117

Authentication VPN Software DDOS 117