critical vulnerability

FortiManager Vulnerability CVE-2024-47575 Under Active Exploitation by UNC5820 Threat Group

Posted: October 25, 2024

Categories: Security, vulnerability

Tags: fortinet security, critical vulnerability

Author: Npav Lab

Fortinet has disclosed an actively exploited critical vulnerability, CVE-2024-47575, impacting FortiManager and FortiAnalyzer devices, which has been attributed to threat cluster UNC5820. This flaw, labeled FortiJump, enables remote unauthenticated attackers to execute arbitrary code on compromised systems, allowing for data exfiltration and potential lateral movement across enterprise networks. The U.S. CISA has flagged this vulnerability for immediate federal agency action, urging rapid patching to prevent unauthorized access and data theft.

CISA Warns of Cyberattacks on Critical Infrastructure Using "Unsophisticated Methods"

Posted: September 26, 2024

Categories: Security, Cyber Attack, Hacking

Tags: cyber attacks, critical vulnerability

Author: Npav Lab

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding ongoing cyberattacks on critical infrastructure, particularly targeting Operational Technology (OT) and Industrial Control Systems (ICS). These attacks are being executed using basic methods, such as brute force attacks and exploiting default credentials, impacting vital sectors like water and wastewater systems.

Critical Vulnerability in TP-Link Gaming Router Exposes Users to Remote Code Attacks

Posted: June 04, 2024

Tags: tp-link, gaming router, critical vulnerability, code attacks

Author: Npav Lab

In a concerning development for cybersecurity, a maximum-severity security flaw has been discovered in the TP-Link Archer C5400X gaming router, potentially allowing rem