Cyber Security News ® Fortinet Critical Vulnerability Let Attackers Inject Commands Remotely | Source: https://lnkd.in/gzJM6HXc Fortinet has issued an urgent security advisory addressing two critical vulnerabilities affecting its FortiManager and FortiWLM products. The vulnerabilities, which can allow unauthorized code execution and sensitive file read access, demand immediate attention to mitigate risks. OS Command Injection in FortiManager (CVE-2024-48889) Limited File Read in FortiWLM (CVE-2023-34990)
iNext Global Technologies’ Post
-
For all my fellow technologists out there, I know it’s easy to think we’re in a better position by implementing security controls like firewalls, but nothing comes the way you need it off the shelf. The second you unwrap an appliance, update the firmware/software and apply any outstanding security patches, and tailor it to your org. No firewall should be configured any/any. Make sure you stay on top of vendor security, and always test before you deploy in production.
-
CVE-2024-48889: OS Command Injection vulnerability in Fortinet's FortiManager. Score: 7.2 Severity: High Affected Versions: 7.6 and below https://lnkd.in/dUXbi2mt
-
CISA strongly encourages users and administrators to apply the necessary updates, hunt for any malicious activity, assess potential risk from service providers, and report positive findings to CISA! #Fortinet #CyberSecurity #Vulnerability #FortiManager #ThreatIntelligence #CompromiseIndicators #NetworkSecurity #InfoSec #SecurityUpdates #RiskManagement
-
Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
FR-IR-23-390: FortiClientEMS - CSV injection in log download feature
FR-IR-23-328: FortiOS, FortiProxy - Out-of-bounds Write in captive portal
FR-IR-24-013: FortiOS, FortiProxy - Authorization bypass in SSLVPN bookmarks
FR-IR-23-103: FortiWLM MEA for FortiManager - Improper access control in backup and restore features
FR-IR-24-007: Pervasive SQL injection in DAS component
Fortinet Releases Security Updates for Multiple Products | CISA
cisa.gov
-
I am pleased to announce the publication of our latest blog post examining CVE-2024-49217, a notable privilege escalation vulnerability found in Madiri software. As cybersecurity threats continue to evolve, understanding and addressing such vulnerabilities is more crucial than ever. This post delves into the specifics of the CVE-2024-49217 vulnerability, detailing how it can potentially allow attackers to escalate their privileges, leading to unauthorized access and the execution of malicious actions within affected systems. We emphasize the importance of timely awareness and the necessity of implementing patches to protect sensitive system functions. Stay informed and proactive in your cybersecurity measures. Read the full article here: https://buff.ly/4f8MnbH.
CVE-2024-49217: Madiri Privilege Escalation Vulnerability – DEC Solutions Group
https://dec-solutions.com
-
We are excited to share our latest blog post discussing the newly identified cybersecurity vulnerability, CVE-2024-54148, associated with Gogs, a widely used self-hosted Git service. This post delves into the implications of the symlink attack, which allows malicious actors to create symbolic links that can compromise system integrity. Understanding this vulnerability is critical for organizations that utilize Gogs for version control. We encourage you to read the full article to enhance your cybersecurity awareness and preparedness. Read more here: https://buff.ly/3BzHXg6
CVE-2024-54148: Gogs Symlink Attack – DEC Solutions Group
https://dec-solutions.com
-
Why is patch management important?
1️⃣ Reduced vulnerability and minimises exposure to security risks
2️⃣ Improved security by fixing known vulnerabilities and weaknesses
3️⃣ Compliance - meets regulatory and industry standards
4️⃣ Reduces system crashes and downtime
5️⃣ Better incident response because it can quickly respond to emerging threats
Read more https://loom.ly/8A--XKA #cloudbackup #ManagedITServices #CyberSecurity #Accountants #Lawyers #ProfessionalServices #RecruitmentAgencies #ITBackbone #ITSecurity #Microsoft
Why is patch management important?
https://www.itbackbone.co.uk
-
Regular maintenance helps in identifying and resolving performance bottlenecks, ensuring your applications run faster and more efficiently. Keeping your database updated with the latest patches protects your data against vulnerabilities and cyber threats. - 🌐 https://networkmavens.com #databasemaintenance #performanceoptimization #datasecurity #cyberthreatprotection #systemefficiency #applicationperformance #patchmanagement #regularupdates #bottleneckresolution #vulnerabilitymanagement #efficientoperations #securitypatches #techmaintenance #databasesecurity #systemupdates #dataprotection #maintenancematters #cybersecurity #patchupdates #systemperformance