Gears & Gadgets

Feds say hackers are likely exploiting critical Fortinet VPN vulnerabilities

Enlarge Getty Images The FBI and the Cybersecurity and Infrastructure Security Agency said that advanced hackers are likely exploiting critical vulnerabilities in the Fortinet FortiOS VPN in an attempt to plant a beachhead to breach medium and large-sized businesses in later attacks. “APT actors may use these vulnerabilities or other common exploitation techniques to gain […]

Gears & Gadgets

Critics fume after Github removes exploit code for Exchange vulnerabilities

Enlarge Github Github has ignited a firestorm after the Microsoft-owned code-sharing repository removed a proof-of-concept exploit for critical vulnerabilities in Microsoft Exchange that have led to as many as 100,000 server infections in recent weeks. ProxyLogon is the name that researchers have given both to the four Exchange vulnerabilities under attack in the wild and […]

Gears & Gadgets

SolarWinds patches vulnerabilities that could allow full system control

Enlarge Getty Images SolarWinds, the previously little-known company whose network-monitoring tool Orion was a primary vector for one of the most serious breaches in US history, has pushed out fixes for three severe vulnerabilities. Martin Rakhmanov, a researcher with Trustwave SpiderLabs, said in a blog post on Wednesday that he began analyzing SolarWinds products shortly […]