Advertisement
Top
image credit: Unsplash

FortiOS flaw was exploited to compromise governmental targets (CVE-2022-42475)

January 13, 2023

Via: Help Net Security
Category:

A critical vulnerability in FortiOS SSL-VPN (CVE-2022-42475) that Fortinet has issued patches for in November 2022 has been exploited by attackers to compromise governmental or government-related targets, the company has shared.

Fortinet says the attackers have advanced capabilities: they were able to reverse-engineer various parts of FortiOS to help them with the creation of the exploit, and use a Linux-based implant that was custom-made to run on that operating system.

Read More on Help Net Security

RELATED PUBLICATIONS

Google fixed critical Chrome vulnerability CVE-2024-4058
Post-LockBit, How Will the Ransomware Ecosystem Evolve?
Email forwarding flaws enable attackers to impersonate high-profile domains

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!