154.52.13.197
Open in
urlscan Pro
154.52.13.197
Public Scan
Submitted URL: http://154.52.13.197/
Effective URL: https://154.52.13.197/
Submission: On September 11 via manual from NL — Scanned from FR
Effective URL: https://154.52.13.197/
Submission: On September 11 via manual from NL — Scanned from FR
Form analysis 2 forms found in the DOM
GET /search
<form action="/search" method="get" class="form-check d-none">
<span class="search_flat">
<label for="search_field_header" class="visually-hidden" id="label-search_field-header">Search</label>
<input id="search_field_header" type="text" class="search_field" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
<button type="submit" value=" " class="btn btn-sm" aria-label="Submit your search">
<img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=30327" alt="search">
</button>
<div class="global_search-popup">
<fieldset>
<legend class="visually-hidden">Please select any available option</legend>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="all_home" class="form-check-input search-input-option" value="1" checked="checked" aria-checked="true">
<label class="form-check-label search-input-label" for="all_home"> Normal </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="exact_home" class="form-check-input search-input-option" value="2">
<label class="form-check-label search-input-label" for="exact_home"> Exact Match </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="cve_home" class="form-check-input search-input-option" value="3">
<label class="form-check-label search-input-label" for="cve_home"> CVE Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="threat_home" class="form-check-input search-input-option" value="4">
<label class="form-check-label search-input-label" for="threat_home"> ID Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="psirt_home" class="form-check-input search-input-option" value="6">
<label class="form-check-label search-input-label" for="psirt_home"> PSIRT Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="repms_home" class="form-check-input search-input-option" value="8">
<label class="form-check-label search-input-label" for="repms_home"> Antispam Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="outbreak-alert_home" class="form-check-input search-input-option" value="9">
<label class="form-check-label search-input-label" for="outbreak-alert_home"> Outbreak Alert Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="url_home" class="form-check-input search-input-option" value="7">
<label class="form-check-label search-input-label" for="url_home"> IP/Domain/URL Lookup </label>
</div>
</fieldset>
</div>
</span>
</form>GET /search
<form action="/search" method="get" class="mobile-search-form col-12 ">
<div class="input-group">
<select class="form-select" name="engine">
<option value="1"> Normal </option>
<option value="2"> Exact Match </option>
<option value="3"> CVE Lookup </option>
<option value="4"> ID Lookup </option>
<option value="6"> PSIRT Lookup </option>
<option value="8"> Antispam Lookup </option>
<option value="9"> Outbreak Alert Lookup </option>
<option value="7"> IP/Domain/URL Lookup </option>
</select>
<input id="search_field_header" type="text" class="form-control" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
<button class="btn btn-sm btn-outline-secondary" type="submit">
<img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=30327" alt="search">
</button>
</div>
</form>Text Content
* Search
Please select any available option
Normal
Exact Match
CVE Lookup
ID Lookup
PSIRT Lookup
Antispam Lookup
Outbreak Alert Lookup
IP/Domain/URL Lookup
* News / Research
NEWS/RESEARCH
RESEARCH CENTER
PSIRT CENTER
Explore latest research and threat reports on emerging cyber threats.
* Outbreak Alerts
* Security Blog
* Threat Signal
Fortinet Product Security Incident Response Team (PSIRT) updates.
* Advisories
* PSIRT Blog
* PSIRT Contact
* Security Vulnerability Policy
* Services
SERVICES
BY OUTBREAK
BY SOLUTION
BY PRODUCT
PROTECT
Counter measures across the security fabric for protecting assets, data and
network.
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* AntiSpam
* AntiVirus
* Application Control
* Endpoint Detection & Response
* Endpoint Vulnerability
* Inline-CASB Application Definitions
* Intrusion Protection
* Operational Technology Security
* Sandbox Behavior Engine
* Web Application Security
* Web Filtering
DETECT
Find and correlate important information to identify an outbreak.Find and
correlate
* Anti-Recon and Anti-Exploit
* Cloud Threat Detection
* Indicators of Compromise
* Outbreak Deception
* Outbreak Detection
* Security Automation
RESPOND
Develop containment techniques to mitigate impacts of security events.Develop
containment
* Client Forensics
* Endpoint Detection and Response
* Incident Response
* Recon: ACI
RECOVER
Improve security posture and processes by implementing security awareness and
training.
* Assessment Services
* NSE Training
* Security Awareness Training
IDENTIFY
Identify processes and assets that need protection.Identify processes and
assets that
* Cloud Vulnerability
* Endpoint Vulnerability
* FortiTester
* IoT Detection
* Pen Testing
* Recon: BP
* Recon: EASM
* Security Rating
* NETWORK SECURITY
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* Cloud Vulnerability and Threat Detection
* Data Loss Prevention
* Indicators of Compromise
* Inline-CASB Application Definitions
* Internet Services
* Intrusion Protection
* IP Geolocation
* Secure DNS
* ENDPOINT SECURITY
* ANN and NDR
* AntiVirus
* Endpoint Detection & Response
* Endpoint Vulnerability
* FortiClient Outbreak Detection
* IoT Detection
* Sandbox Behavior Engine
* APPLICATION SECURITY
* AntiSpam
* Application Control
* Client Application Firewall
* Credential Stuffing Defense
* Operational Technology Security
* Web Application Security
* Web Filtering
* SECURITY OPERATIONS
* Breach Attack Simulation
* FortiDevSec
* FortiSIEM Outbreak Detection Service
* Outbreak Deception
* Outbreak Detection
* Pen Testing
* Security Rating
* FortiGate
* FortiAnalyzer
* FortiClient
* FortiWeb
* FortiADC
* FortiAuthenticator
* FortiCNP
* FortiDDoS
* FortiDeceptor
* FortiEDR
* FortiMail
* empty
* FortiNDR
* FortiPAM
* FortiPolicy
* FortiProxy
* FortiRecon
* FortiSandBox
* FortiSASE
* FortiSIEM
* FortiTester
* FortiCNAPP
* empty
* Anti-Botnet
* AntiVirus
* Application Control
* Inline-CASB Application Definitions
* Intrusion Protection
* IoT Detection
* IP Geolocation
* Operational Technology Security
* Secure DNS
* Security Rating
* Web Filtering
* Indicators of Compromise
* Outbreak Detection
* Security Automation
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* AntiVirus
* Application Firewall
* Credential Stuffing Defense
* Endpoint Vulnerability
* Intrusion Protection
* Outbreak Detection
* Web Filtering
* Anti-Botnet
* AntiVirus
* Application Control
* Credential Stuffing Defense
* Fuzzy Webshell
* IP Geolocation
* Web Application Security
* Anti-Botnet
* AntiVirus
* Credential Stuffing Defense
* Intrusion Protection
* IP Geolocation
* Web Application Security
* Web Filtering
* IP Geolocation
* Anti-Botnet
* Data Loss Prevention
* IP Geolocation
* Vulnerability
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* AntiVirus
* Intrusion Protection
* Outbreak Deception
* AntiVirus
* EndPoint Detection and Response
* Endpoint Vulnerability
* Indicators of Compromise
* Web Filtering
* AntiSpam
* AntiVirus
* Web Filtering
* Network Detection and Response
* AntiVirus
* Data Loss Prevention
* Anti-Botnet
* Application Control
* Anti-Botnet
* Application Control
* Industrial Security
* Digital Risk Protection
* AntiVirus
* Intrusion Protection
* Sandbox Behavior Engine
* Web Filtering
* Anti-Botnet
* AntiVirus
* Application Control
* Data Loss Prevention
* Endpoint Vulnerability
* Intrusion Protection
* Secure DNS
* Web Filtering
* Indicators of Compromise
* IP Geolocation
* Outbreak Detection
* Breach Attack Simulation
* Cloud Threat Detection
* Cloud Vulnerability
* Threat Intelligence
THREAT INTELLIGENCE
CENTER
Browse the FortiGuard Labs extensive encyclopedia and Threat Analytics.
* Application Control Lookup
* Threat Analytics
* Threat Encyclopedia
* Threat Map
* Web Filtering Lookup
* Resources
RESOURCE CENTER
Learn about service status, publications and other available resources.
* FortiGuard Sample Files
* MITRE ATT&CK Matrix
* NIST Cybersecurity Framework
* Publications
* Security Best Practices
* About
ABOUT
FORTIGUARD LABS
PARTNERS
AI-Powered Threat Intelligence for an Evolving Digital World.
* Contact Us
* Premium Services
* RSS Feeds
Leveraging cyber security industry partner relationships.
* Cyber Threat Alliance
* MITRE Engenuity
*
* News / Research
* Advisories
* Outbreak Alerts
* PSIRT Blog
* PSIRT Contact
* Security Blog
* Security Vulnerability Policy
* Threat Signal
* Services
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* Anti-Recon and Anti-Exploit
* AntiSpam
* AntiVirus
* Application Control
* Assessment Services
* Client Forensics
* Cloud Threat Detection
* Cloud Vulnerability
* Endpoint Detection & Response
* Endpoint Detection and Response
* Endpoint Vulnerability
* Endpoint Vulnerability
* FortiTester
* Incident Response
* Indicators of Compromise
* Inline-CASB Application Definitions
* Intrusion Protection
* IoT Detection
* NSE Training
* Operational Technology Security
* Outbreak Deception
* Outbreak Detection
* Pen Testing
* Recon: ACI
* Recon: BP
* Recon: EASM
* Sandbox Behavior Engine
* Security Automation
* Security Awareness Training
* Security Rating
* Web Application Security
* Web Filtering
* Threat Lookup
* Application Control Lookup
* Threat Analytics
* Threat Encyclopedia
* Threat Map
* Web Filtering Lookup
* Resources
* FortiGuard Sample Files
* MITRE ATT&CK Matrix
* NIST Cybersecurity Framework
* Publications
* Security Best Practices
* About
* Contact Us
* Cyber Threat Alliance
* MITRE Engenuity
* Premium Services
* RSS Feeds
* FORTINET
Normal Exact Match CVE Lookup ID Lookup PSIRT Lookup Antispam Lookup Outbreak
Alert Lookup IP/Domain/URL Lookup
FORTIGUARD LABS
LATEST NEWS
Outbreak Alert
RUSSIAN CYBER ESPIONAGE ATTACK
Sep 09, 2024
FortiGuard Labs continues to observe attack attempts exploiting the
vulnerabilities highlighted in the recent CISA advisory about Russian military
cyber actors. These actors are targeting U.S. and...
Threat Signal Report
VERSA DIRECTOR DANGEROUS FILE TYPE UPLOAD VULNERABILITY (CVE-2024-39717)
Aug 27, 2024
What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous
file type upload vulnerability (CVE-2024-39717) that allows attackers to upload
potentially malicious files, granting...
Outbreak Alert
JENKINS RCE ATTACK
Aug 20, 2024
Cyber threat actors target Jenkins Arbitrary File Read vulnerability
(CVE-2024-23897) in ransomware attacks. FortiGuard Labs continues to see active
attack telemetry targeting the vulnerability.
Threat Signal Report
MICROSOFT MULTIPLE ACTIVELY EXPLOITED VULNERABILITIES
Aug 14, 2024
What are the Vulnerabilities?Threat actors are exploiting multiple zero-day
vulnerabilities that were recently disclosed on the Microsoft Security Updates-
August 2024. The six actively exploited...
Outbreak Alert
SERVICENOW REMOTE CODE EXECUTION ATTACK
Jul 30, 2024
FortiGuard Labs continue to observe attack attempts targeting the recent
ServiceNow Platform vulnerabilities (CVE-2024-4879, CVE-2024-5217, &
CVE-2024-5178). When chained together, could lead to...
Threat Signal Report
SNAKEKEYLOGGER ATTACK
Aug 01, 2024
What is the Attack?Threat actors are continuously preying on end users to
unknowingly install a trojan stealer known as SnakeKeylogger or KrakenKeylogger.
This trojan was developed using .NET and...
Threat Signal Report
VMWARE ESXI RANSOMWARE ATTACK (CVE-2024-37085)
Jul 31, 2024
What is the Attack?Threat actors are exploiting an authentication bypass
vulnerability in ESXi hypervisors, known as CVE-2024-37085, to gain full
administrative permissions on domain-joined ESXi...
Threat Signal Report
SERVICENOW IMPROPER INPUT VALIDATION VULNERABILITY (CVE-2024-4879)
Jul 29, 2024
What is the vulnerability?A critical input validation vulnerability
(CVE-2024–4879) is identified in ServiceNow’s Now platform hosted in Vancouver
and Washington DC, exploiting this vulnerability...
Threat Signal Report
THREAT ACTORS LEVERAGING THE RECENT CROWDSTRIKE UPDATE OUTAGE
Jul 19, 2024
What is the Threat?FortiGuard Labs is aware of the campaigns used by threat
actors to spread malware, using phishing and scams to take advantage of the
recent widespread global IT outage affecting...
Threat Signal Report
SOLARWINDS SERV-U INFORMATION DISCLOSURE VULNERABILITY (CVE-2024-28995)
Jul 17, 2024
What is the Vulnerability?A Directory Traversal Vulnerability in SolarWinds
Serv-U software is being actively exploited in the wild. Tracked as
CVE-2024-28995, the vulnerability is due to improper...
Threat Signal Report
WINDOWS MSHTML PLATFORM SPOOFING VULNERABILITY (CVE-2024-38112)
Jul 16, 2024
What is the Vulnerability?CVE-2024-38112 is a spoofing vulnerability in Windows
MSHTML Platform. The attacker can abuse internet shortcuts and Microsoft
protocol handlers to execute malicious...
Threat Signal Report
PROGRESS TELERIK REPORT SERVER AUTHENTICATION BYPASS VULNERABILITY
Jul 08, 2024
What is the Vulnerability?Progress Telerik Report Server contains an
authorization bypass by spoofing vulnerability, allowing an attacker to bypass
authentication and create rogue administrator...
Threat Signal Report
BRAIN CIPHER RANSOMWARE ATTACK
Jun 28, 2024
What is the attack?A significant ransomware attack has struck Pusat Data
Nasional (PDN), one of Indonesia’s government-owned national data centers. This
incident involved threat actors encrypting...
Threat Signal Report
POLYFILL.IO SUPPLY CHAIN ATTACK
Jun 26, 2024
What is the attack?Over 100,000+ sites have been impacted by a supply chain
attack involving the Polyfill.io service. Polyfill is a popular tool used for
enhancing browser capabilities by hundreds...
Outbreak Alert
APACHE OFBIZ RCE ATTACK
Jun 25, 2024
FortiGuard Labs continues to observe attack attempts targeting the recent Apache
OFBiz vulnerabilities (CVE-2024-38856 and CVE-2024-36104) that can be exploited
by threat actors through...
Outbreak Alert
IVANTI CONNECT SECURE AND POLICY SECURE ATTACK
Jun 25, 2024
Widespread exploitation of zero-day vulnerabilities affecting Ivanti Connect
Secure and Policy Secure gateways underway.
Outbreak Alert
PHP RCE ATTACK
Jun 10, 2024
FortiGuard Labs has observed significant level of exploitation attempts
targeting the new PHP vulnerability. The TellYouThePass ransomware gang has been
leveraging CVE-2024-4577, a remote code...
Threat Signal Report
ORACLE WEBLOGIC SERVER VULNERABILITIES (CVE-2023-21839, CVE-2017-3506)
Jun 04, 2024
What is the attack?A threat actor known as “8220 Gang” is seen exploiting two
vulnerabilities in the Oracle WebLogic server: CVE-2017-3506, which allows
remote OS command execution, and...
Outbreak Alert
RUSSIAN CYBER ESPIONAGE ATTACK
Sep 09, 2024
FortiGuard Labs continues to observe attack attempts exploiting the
vulnerabilities highlighted in the recent CISA advisory about Russian military
cyber actors. These actors are targeting U.S. and...
Threat Signal Report
VERSA DIRECTOR DANGEROUS FILE TYPE UPLOAD VULNERABILITY (CVE-2024-39717)
Aug 27, 2024
What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous
file type upload vulnerability (CVE-2024-39717) that allows attackers to upload
potentially malicious files, granting...
Outbreak Alert
JENKINS RCE ATTACK
Aug 20, 2024
Cyber threat actors target Jenkins Arbitrary File Read vulnerability
(CVE-2024-23897) in ransomware attacks. FortiGuard Labs continues to see active
attack telemetry targeting the vulnerability.
Threat Signal Report
MICROSOFT MULTIPLE ACTIVELY EXPLOITED VULNERABILITIES
Aug 14, 2024
What are the Vulnerabilities?Threat actors are exploiting multiple zero-day
vulnerabilities that were recently disclosed on the Microsoft Security Updates-
August 2024. The six actively exploited...
Outbreak Alert
SERVICENOW REMOTE CODE EXECUTION ATTACK
Jul 30, 2024
FortiGuard Labs continue to observe attack attempts targeting the recent
ServiceNow Platform vulnerabilities (CVE-2024-4879, CVE-2024-5217, &
CVE-2024-5178). When chained together, could lead to...
Threat Signal Report
SNAKEKEYLOGGER ATTACK
Aug 01, 2024
What is the Attack?Threat actors are continuously preying on end users to
unknowingly install a trojan stealer known as SnakeKeylogger or KrakenKeylogger.
This trojan was developed using .NET and...
Threat Signal Report
VMWARE ESXI RANSOMWARE ATTACK (CVE-2024-37085)
Jul 31, 2024
What is the Attack?Threat actors are exploiting an authentication bypass
vulnerability in ESXi hypervisors, known as CVE-2024-37085, to gain full
administrative permissions on domain-joined ESXi...
Threat Signal Report
SERVICENOW IMPROPER INPUT VALIDATION VULNERABILITY (CVE-2024-4879)
Jul 29, 2024
What is the vulnerability?A critical input validation vulnerability
(CVE-2024–4879) is identified in ServiceNow’s Now platform hosted in Vancouver
and Washington DC, exploiting this vulnerability...
Threat Signal Report
THREAT ACTORS LEVERAGING THE RECENT CROWDSTRIKE UPDATE OUTAGE
Jul 19, 2024
What is the Threat?FortiGuard Labs is aware of the campaigns used by threat
actors to spread malware, using phishing and scams to take advantage of the
recent widespread global IT outage affecting...
Threat Signal Report
SOLARWINDS SERV-U INFORMATION DISCLOSURE VULNERABILITY (CVE-2024-28995)
Jul 17, 2024
What is the Vulnerability?A Directory Traversal Vulnerability in SolarWinds
Serv-U software is being actively exploited in the wild. Tracked as
CVE-2024-28995, the vulnerability is due to improper...
Threat Signal Report
WINDOWS MSHTML PLATFORM SPOOFING VULNERABILITY (CVE-2024-38112)
Jul 16, 2024
What is the Vulnerability?CVE-2024-38112 is a spoofing vulnerability in Windows
MSHTML Platform. The attacker can abuse internet shortcuts and Microsoft
protocol handlers to execute malicious...
Threat Signal Report
PROGRESS TELERIK REPORT SERVER AUTHENTICATION BYPASS VULNERABILITY
Jul 08, 2024
What is the Vulnerability?Progress Telerik Report Server contains an
authorization bypass by spoofing vulnerability, allowing an attacker to bypass
authentication and create rogue administrator...
Threat Signal Report
BRAIN CIPHER RANSOMWARE ATTACK
Jun 28, 2024
What is the attack?A significant ransomware attack has struck Pusat Data
Nasional (PDN), one of Indonesia’s government-owned national data centers. This
incident involved threat actors encrypting...
Threat Signal Report
POLYFILL.IO SUPPLY CHAIN ATTACK
Jun 26, 2024
What is the attack?Over 100,000+ sites have been impacted by a supply chain
attack involving the Polyfill.io service. Polyfill is a popular tool used for
enhancing browser capabilities by hundreds...
Outbreak Alert
APACHE OFBIZ RCE ATTACK
Jun 25, 2024
FortiGuard Labs continues to observe attack attempts targeting the recent Apache
OFBiz vulnerabilities (CVE-2024-38856 and CVE-2024-36104) that can be exploited
by threat actors through...
Outbreak Alert
IVANTI CONNECT SECURE AND POLICY SECURE ATTACK
Jun 25, 2024
Widespread exploitation of zero-day vulnerabilities affecting Ivanti Connect
Secure and Policy Secure gateways underway.
Outbreak Alert
PHP RCE ATTACK
Jun 10, 2024
FortiGuard Labs has observed significant level of exploitation attempts
targeting the new PHP vulnerability. The TellYouThePass ransomware gang has been
leveraging CVE-2024-4577, a remote code...
Threat Signal Report
ORACLE WEBLOGIC SERVER VULNERABILITIES (CVE-2023-21839, CVE-2017-3506)
Jun 04, 2024
What is the attack?A threat actor known as “8220 Gang” is seen exploiting two
vulnerabilities in the Oracle WebLogic server: CVE-2017-3506, which allows
remote OS command execution, and...
Outbreak Alert
RUSSIAN CYBER ESPIONAGE ATTACK
Sep 09, 2024
FortiGuard Labs continues to observe attack attempts exploiting the
vulnerabilities highlighted in the recent CISA advisory about Russian military
cyber actors. These actors are targeting U.S. and...
Threat Signal Report
VERSA DIRECTOR DANGEROUS FILE TYPE UPLOAD VULNERABILITY (CVE-2024-39717)
Aug 27, 2024
What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous
file type upload vulnerability (CVE-2024-39717) that allows attackers to upload
potentially malicious files, granting...
Outbreak Alert
JENKINS RCE ATTACK
Aug 20, 2024
Cyber threat actors target Jenkins Arbitrary File Read vulnerability
(CVE-2024-23897) in ransomware attacks. FortiGuard Labs continues to see active
attack telemetry targeting the vulnerability.
Threat Signal Report
MICROSOFT MULTIPLE ACTIVELY EXPLOITED VULNERABILITIES
Aug 14, 2024
What are the Vulnerabilities?Threat actors are exploiting multiple zero-day
vulnerabilities that were recently disclosed on the Microsoft Security Updates-
August 2024. The six actively exploited...
Outbreak Alert
SERVICENOW REMOTE CODE EXECUTION ATTACK
Jul 30, 2024
FortiGuard Labs continue to observe attack attempts targeting the recent
ServiceNow Platform vulnerabilities (CVE-2024-4879, CVE-2024-5217, &
CVE-2024-5178). When chained together, could lead to...
Threat Signal Report
SNAKEKEYLOGGER ATTACK
Aug 01, 2024
What is the Attack?Threat actors are continuously preying on end users to
unknowingly install a trojan stealer known as SnakeKeylogger or KrakenKeylogger.
This trojan was developed using .NET and...
Threat Signal Report
VMWARE ESXI RANSOMWARE ATTACK (CVE-2024-37085)
Jul 31, 2024
What is the Attack?Threat actors are exploiting an authentication bypass
vulnerability in ESXi hypervisors, known as CVE-2024-37085, to gain full
administrative permissions on domain-joined ESXi...
Threat Signal Report
SERVICENOW IMPROPER INPUT VALIDATION VULNERABILITY (CVE-2024-4879)
Jul 29, 2024
What is the vulnerability?A critical input validation vulnerability
(CVE-2024–4879) is identified in ServiceNow’s Now platform hosted in Vancouver
and Washington DC, exploiting this vulnerability...
Threat Signal Report
THREAT ACTORS LEVERAGING THE RECENT CROWDSTRIKE UPDATE OUTAGE
Jul 19, 2024
What is the Threat?FortiGuard Labs is aware of the campaigns used by threat
actors to spread malware, using phishing and scams to take advantage of the
recent widespread global IT outage affecting...
Threat Signal Report
SOLARWINDS SERV-U INFORMATION DISCLOSURE VULNERABILITY (CVE-2024-28995)
Jul 17, 2024
What is the Vulnerability?A Directory Traversal Vulnerability in SolarWinds
Serv-U software is being actively exploited in the wild. Tracked as
CVE-2024-28995, the vulnerability is due to improper...
Threat Signal Report
WINDOWS MSHTML PLATFORM SPOOFING VULNERABILITY (CVE-2024-38112)
Jul 16, 2024
What is the Vulnerability?CVE-2024-38112 is a spoofing vulnerability in Windows
MSHTML Platform. The attacker can abuse internet shortcuts and Microsoft
protocol handlers to execute malicious...
Threat Signal Report
PROGRESS TELERIK REPORT SERVER AUTHENTICATION BYPASS VULNERABILITY
Jul 08, 2024
What is the Vulnerability?Progress Telerik Report Server contains an
authorization bypass by spoofing vulnerability, allowing an attacker to bypass
authentication and create rogue administrator...
Threat Signal Report
BRAIN CIPHER RANSOMWARE ATTACK
Jun 28, 2024
What is the attack?A significant ransomware attack has struck Pusat Data
Nasional (PDN), one of Indonesia’s government-owned national data centers. This
incident involved threat actors encrypting...
Threat Signal Report
POLYFILL.IO SUPPLY CHAIN ATTACK
Jun 26, 2024
What is the attack?Over 100,000+ sites have been impacted by a supply chain
attack involving the Polyfill.io service. Polyfill is a popular tool used for
enhancing browser capabilities by hundreds...
Outbreak Alert
APACHE OFBIZ RCE ATTACK
Jun 25, 2024
FortiGuard Labs continues to observe attack attempts targeting the recent Apache
OFBiz vulnerabilities (CVE-2024-38856 and CVE-2024-36104) that can be exploited
by threat actors through...
Outbreak Alert
IVANTI CONNECT SECURE AND POLICY SECURE ATTACK
Jun 25, 2024
Widespread exploitation of zero-day vulnerabilities affecting Ivanti Connect
Secure and Policy Secure gateways underway.
Outbreak Alert
PHP RCE ATTACK
Jun 10, 2024
FortiGuard Labs has observed significant level of exploitation attempts
targeting the new PHP vulnerability. The TellYouThePass ransomware gang has been
leveraging CVE-2024-4577, a remote code...
Threat Signal Report
ORACLE WEBLOGIC SERVER VULNERABILITIES (CVE-2023-21839, CVE-2017-3506)
Jun 04, 2024
What is the attack?A threat actor known as “8220 Gang” is seen exploiting two
vulnerabilities in the Oracle WebLogic server: CVE-2017-3506, which allows
remote OS command execution, and...
SERVICES
* Network
* Application
* Files and Endpoint
* Security Operations
Select one for more details:
* Anti-recon and Exploit
* Botnet Domain Reputation DB
* Data Loss Prevention
* Indicators of Compromise
* Intrusion Protection
* IP Reputation/Anti-Botnet
* Internet Services
* Secure DNS
* Application Control
* Web Application Security (FADC)
* Client Application Firewall
* Web Application Security (FWB)
* OT Threat
* IoT Detection
* Web Filtering
* Inline-CASB Application Definitions
* AntiVirus
* IoT Detection
* Endpoint Detection and Response
* Endpoint Vulnerability
* Mobile Services
* Sandbox Engine
* FortiClient Outbreak Detection
* Breach Attack Simulation
* FortiNDR
* FortiDevSec
* FortiSIEM Outbreak Detection
* Outbreak Detection Service
* Pen Testing service
* Security Rating Services
* Outbreak Deception Service
CERTIFICATIONS
*
*
*
*
*
* Contact Us
* Legal
* Privacy
* Partners
* Feedback
*
*
*
*
*
Copyright © 2024 Fortinet, Inc. All Rights Reserved.