Fortinet Zero Day Actively Exploited
A Fortinet zero-day (CVE-2024-47575) was officially disclosed last week. It affects Fortinet’s FortiManager platform, which is used to control Fortinet devices including FortiGate firewalls. The flaw can enable RCE and control of FortiManager and managed devices.
Exploitation could affect VPN services only indirectly: an attacker who compromises FortiManager could use it to alter the settings of managed devices, potentially impacting firewall and network configurations, which might extend to VPN configurations.
More Attacks on U.S. Water Utilities
The largest water utility in the U.S. shut down its billing system in response to a cyber incident, marking yet another critical infrastructure attack. This follows a series of water infrastructure hacks, including attacks on three cities in Texas early this year, which Mandiant eventually linked to Russian hacktivists. One of those resulted in a tank overflow, while another city's utility unplugged and went into manual operation to protect its systems.
This might be a good time for a side note: one high profile water incident of recent years may not have been an attack at all. It was widely reported that hackers had attempted to access a water treatment facility in Oldsmar, Florida. But new evidence suggests it was not the work of an outside attacker and may instead have been a case of an overzealous employee.
U.S. Telecom Networks Targeted
The U.S. Department of Homeland Security’s Cyber Safety Review Board (CSRB) is investigating alleged Chinese cyber intrusions targeting U.S. telecommunications networks. This breach reportedly aimed to intercept sensitive communications linked to prominent political figures. The FBI and CISA are involved in the inquiry, with the CSRB expected to recommend stronger security measures to protect telecom infrastructure from such threats. This incident highlights the increasing sophistication of cyber threats to critical U.S. infrastructure.
Continuing Healthcare Attacks
Ransomware continues to escalate for healthcare organizations, with new data from Sophos backing up what seems to be an alarming frequency of attacks. Two-thirds of those surveyed reported suffering a ransomware attack in the past year.
Further, a new ransomware strain called Trinity prompted the U.S. Department of Health and Human Services to publish an advisory in early October warning hospitals about it and calling it a “significant threat.”
Vulnerabilities in Palo Alto Networks Migration Tool
A chain of vulnerabilities in Palo Alto Networks’ Expedition was discovered earlier this month. If used in combination, they could allow an attacker to read database contents and write files to the Expedition system. As explained on Vulnerable U, “The attacker would have access to cleartext passwords, device configurations, and API keys for the PAN-OS firewalls.” Find more about the CVEs from NIST: CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, and CVE-2024-9467.
The Two Biggest Emerging Battlegrounds and Threats to National Security: Cyber and Space
As cybersecurity evolves, it’s essential to address not just terrestrial risks but emerging threats in space. Hear Xage’s CEO, Geoffrey Mattson, weigh in on the importance of replacing outdated methods with a zero-trust approach.