Security researchers say malicious hackers have been exploiting a newly disclosed vulnerability in Fortinet firewalls to break into corporate and enterprise networks.
In an advisory published Tuesday, security product maker Fortinet confirmed that a critical-rated vulnerability in its FortiGate firewalls, tracked as CVE-2024-55591, is “being exploited in the wild.”
Fortinet made patches available, but security researchers have warned that hackers have been mass-exploiting the vulnerability as a zero-day — meaning before Fortinet was aware of the vulnerability and made fixes available — since December.
This is the latest example of hackers exploiting a vulnerability in a popular enterprise security product designed to protect corporate networks from intruders. News of the Fortinet bug comes days after it was revealed that attackers are exploiting a separate zero-day flaw in Ivanti VPN servers that allows access to customers’ networks.
Cybersecurity company Arctic Wolf said in a blog post last week that its researchers observed a recent “mass exploitation” campaign affecting Fortinet FortiGate firewall devices with management interfaces exposed to the public internet.
Stefan Hostetler, lead threat intelligence researcher at Arctic Wolf, confirmed to TechCrunch that this observed exploitation is linked to the newly confirmed CVE-2024-55591 vulnerability in Fortinet firewalls.
Hostetler told TechCrunch that Arctic Wolf had “observed a cluster of intrusions affecting Fortinet devices in the tens,” but notes that this only represents a “limited sample compared to the full actual number of devices that were likely affected.”
“The evidence points to an effort to exploit a large number of devices within a narrow time frame,” added Hostetler.
When reached by TechCrunch, Fortinet spokesperson Tiffany Curci declined to say how many Fortinet customers were compromised as a result of this hacking campaign, but said that the company was “proactively communicating with customers.”
It’s also unclear who is behind the attacks on Fortinet firewalls, but cybersecurity researcher Kevin Beaumont writes on Mastodon that the vulnerability is “under exploitation by a ransomware operator.”
Hostetler said that ransomware attacks exploiting the bug are “not off the table,” noting that in previous research, Arctic Wolf “observed affiliates of ransomware groups such as Akira and Fog using some of the same internet providers to establish VPN connectivity.”
In a brief statement on Tuesday, U.S. cybersecurity agency CISA urged Fortinet customers to update any affected devices.
In September, Fortinet disclosed a breach involving customer data after an attacker accessed “a limited number of files” stored on a third-party shared cloud drive belonging to the organization.