Fortinet has released a patch an advisory on a recent critical authentication bypass vulnerabilities affecting FortiOS, FortiProxy, and FortiSwitchManager. The authentication bypass bug, CVE-2022-40684, allows an unauthenticated user to perform administrative functions through maliciously crafted HTTPS requests. Account owners with affected devices have been notified early last week prior to their public release to update

Continue Reading

Google has recently reported that their Cloud Armor service blocked the largest DDoS attack ever recorded. A DDoS, or distributed denial-of-service is a malicious attack where excessive amounts of requests are sent to a target. It’s intended to crash a website or server, affect performance and availability for legitimate traffic, or increase hosting and resource

Continue Reading

Apple has released updates patching two critical vulnerabilities recently discovered. An application is able to use this vulnerability to run malicious code and gain Kernel privilege, which is the highest privilege allowing full control of the device. These vulnerabilities may have been previously exploited by hackers in likely targeted attacks. The affected devices include: macOS

Continue Reading

VMware has released patches for bugs and vulnerabilities, including a critical authentication bypass bug. This bug allowed a user to gain administrator privileges without authentication. Products affected include VMware Workspace ONE, VMware Identity Manager, vRealize Automation, Cloud Foundation, and vRealize Suite Lifecycle Manager software programs. Many of the patches have at least a moderate CVS

Continue Reading

Mangatoon, the manga and comic reading platform, has suffered a data breach exposing the data of over 20 million accounts. The hacker was able to steal this data by accessing an unsecured or misconfigured database. BleepingComputer in their report was able to confirm their hack method and was able to verify a data sample to

Continue Reading

Apple has announced it is working in a new feature called “Lockdown Mode.” This new feature will protect users from different types of cyberattacks, especially highly targeted spyware. Along with a grant for spyware threat research, these new additions are part of their initiative to protect users from highly targeted cyberattacks. Lockdown Mode, when turned

Continue Reading

As environments and networks grow and become more complex, it is more critical to secure those busy networks and different devices. Microsoft has announced that Microsoft Defender for Endpoint will offer additional security for Android and iOS devices. Extra features like alerts for vulnerabilities, rouge devices, and protection for wireless (Wi-Fi) networks. Learn more about

Continue Reading