The Belsen Group has leaked sensitive configuration data and VPN credentials from more than 15,000 FortiGate firewall devices, linked to a critical zero-day vulnerability, posing significant security risks to organizations worldwide.
Organizations increasingly adopt hybrid and multi-cloud strategies for scalability and flexibility, yet face significant security and compliance challenges, with a notable skills gap in cloud security expertise.
Fortinet has revealed a critical zero-day vulnerability, CVE-2024-55591, affecting its FortiGate firewalls and FortiOS systems, which allows unauthenticated remote attackers to gain super-admin privileges and execute unauthorized code.
Research by Secureworks CTU reveals that Nickel Tapestry, a North Korean threat actor, orchestrated a fraudulent IndieGoGo campaign in 2016, raising $20,000 under false pretenses as part of a broader strategy to engage in various illicit money-making schemes.
A collaborative operation led by the US Department of Justice and French authorities, in partnership with cybersecurity firm Sekoia.io, has successfully eradicated the PlugX malware, a remote access Trojan linked to the Chinese hacking group Mustang Panda, from thousands of computers worldwide.
Microsoft’s January 2025 Patch Tuesday update fixes 161 vulnerabilities, including three critical zero-day exploits affecting Hyper-V, which are currently under active exploitation.
