FortiGuard Outbreak Alerts
FortiGuard Outbreak Alerts provide key information about ongoing cybersecurity attacks with significant ramifications affecting numerous companies, organizations and industries.
Outbreak Alerts include:
- A narrative of the attack, its timeline and affected technologies.
- An embodiment of extensive FortiGuard solutions using security industry standards.
- A comprehensive list of Fortinet solutions and subscriptions to break the attack sequence and tools for threat hunting.
- A list of related resources and research from FortiGuard Labs.
Outbreak
Description
Updated Date
Severity
IoCs
ConnectWise ScreenConnect Attack
CVE-2024-1709 | CVE-2024-1708
Threat actors including ransomware gangs are seen exploiting newly discovered critical flaws in remote...
Updated: Mar 11, 2024
Released: Feb 27, 2024
Severity: Critical
Ivanti Connect Secure and Policy Secure Attack
CVE-2023-46805 | CVE-2024-21887 | CVE-2024-21888 | CVE-2024-21893 | CVE-2024-22024
Widespread exploitation of zero-day vulnerabilities affecting Ivanti Connect Secure and Policy Secure...
Updated: Feb 29, 2024
Released: Jan 23, 2024
Severity: Critical
Outbreak Alert- Annual Report 2023
FortiGuard Labs published a total of 38 Outbreak Alerts in the year 2023 comprising 23 Significant...
Released: Feb 14, 2024
Severity: Critical
Androxgh0st Malware Attack
CVE-2021-41773 | CVE-2017-9841 | CVE-2018-15133
FortiGuard Labs continues to observe widespread activity of Androxgh0st Malware in the wild exploiting...
Updated: Jan 17, 2024
Released: Jan 17, 2024
Severity: High
Adobe ColdFusion Access Control Bypass Attack
CVE-2023-26347 | CVE-2023-38205 | CVE-2023-29298 | CVE-2023-38203
FortiGuard Labs observed extremely widespread exploitation attempts relating to security bypass...
Updated: Jan 16, 2024
Released: Jan 16, 2024
Severity: High
Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2023-29357
CVE-2023-29357 is an authentication bypass vulnerability, which means that adversaries may use it to...
Updated: Jan 10, 2024
Released: Jan 10, 2024
Severity: High
JetBrains TeamCity Authentication Bypass Attack
CVE-2023-42793
Multiple threat actors seen exploiting the authentication bypass flaw in JetBrains TeamCity that could...
Updated: Dec 15, 2023
Released: Dec 15, 2023
Severity: High
Lazarus RAT Attack
CVE-2021-44228
A new campaign conducted by the Lazarus Group is seen employing new DLang-based Remote Access Trojans...
Updated: Dec 12, 2023
Released: Dec 12, 2023
Severity: High
Apache ActiveMQ Ransomware Attack
CVE-2023-46604
Ransomware attackers are targeting servers running outdated and vulnerable versions of Apache ActiveMQ by...
Updated: Nov 06, 2023
Released: Nov 06, 2023
Severity: High
Citrix Bleed Attack
CVE-2023-4966
CVE-2023-4966 is being widely exploited, with multiple threat actors, including ransomware groups,...
Updated: Nov 02, 2023
Released: Nov 02, 2023
Severity: High