New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Internet-facing Linux systems and Internet of Things (IoT) devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency.
"The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal device resources for mining operations," Microsoft threat intelligence researcher Rotem Sde-Or said. Read More
The Hacker News | #1 Trusted Cybersecurity News Site
Russia-Backed Media Outlets Are Under Fire in the US—but Still Trusted Worldwide
The US government says outlets like RT work closely with Russian intelligence, and platforms have removed or banned their content. But they’re still influential all around the world. Read More
New Linux glibc flaw lets attackers get root on major distros
Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation (LPE) vulnerability in the GNU C Library (glibc). […] Read More
Fortinet FortiOS Flaw Let Attacker Execute Malicious JavaScript Code
A high-severity cross-site scripting (XSS) vulnerability tracked as (CVE-2023-29183) affecting several FortiOS and FortiProxy versions has been patched by Fortinet.
Additionally, the cybersecurity firm provided updates for a high-severity flaw in FortiWeb, tracked as (CVE-2023-34984).
“A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system,” CISA warns.
CVE-2023-29183 – FortiOS & FortiProxy
The vulnerability was tracked as CVE-2023-29183 (CVSS score of 7.3) in FortiOS and FortiProxy GUI. An inappropriate neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability exists.
“This may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting,” Fortinet said in its advisory.
Attend the Live DDoS Website & API Attack Simulation webinar to gain knowledge on various types of attacks and how to prevent them.
Affected Products
FortiProxy version 7.2.0 through 7.2.4
FortiProxy version 7.0.0 through 7.0.10
FortiOS version 7.2.0 through 7.2.4
FortiOS version 7.0.0 through 7.0.11
FortiOS version 6.4.0 through 6.4.12
FortiOS version 6.2.0 through 6.2.14
Patch Available
FortiProxy version 7.2.5 or above
FortiProxy version 7.0.11 or above
FortiOS version 7.4.0 or above
FortiOS version 7.2.5 or above
FortiOS version 7.0.12 or above
FortiOS version 6.4.13 or above
FortiOS version 6.2.15 or above
CVE-2023-34984 – FortiWeb
The vulnerability was tracked as CVE-2023-34984 (CVSS score of 7.1) in FortiWeb. A protection mechanism failure vulnerability may allow an attacker to bypass XSS and CSRF protection.
Affected Products
FortiWeb version 7.2.0 through 7.2.1
FortiWeb version 7.0.0 through 7.0.6
FortiWeb 6.4, all versions
FortiWeb 6.3, all versions
Patch Available
FortiWeb version 7.2.2 or above
FortiWeb version 7.0.7 or above
Hence, users of Fortinet are urged to upgrade their switches and firewalls as soon as possible.