Conversation

  1. Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 13-Oct-2024 19:59:50 JST

    Hello everybody. If you use FortiManager from FortiNet you should grab the latest available release from the support portal and upgrade now - do it this weekend if it is facing the internet. #threatintel https://mastodon.green/@fthy/113299522822025433

    Attachments

    1. fthy (@fthy@mastodon.green)
      Patch your FortiManager now. Limit access to it to only from dedicated jump-servers. #fortinet #fortimanager #infosec
    • Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 13-Oct-2024 20:16:45 JST

      Stealth rewrite as patches aren’t available yet.

    • Expertenkommision Cyberunfall (expertenkommision_cyberunfall@mastodon.social)'s status on Sunday, 13-Oct-2024 21:54:21 JST

      @GossiTheDog

      Oh, is it Fortigate-Time again?

    • Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 14-Oct-2024 00:02:01 JST

      Different vuln from earlier this year, but same component, to give scale of unpatched Forti problem. https://infosec.exchange/@shadowserver/113300701642489996

      Attachments

      1. The Shadowserver Foundation (@shadowserver@infosec.exchange)

        We are now reporting in our feeds Fortinet IPs still likely vulnerable to CVE-2024-23113 (format string pre-auth RCE). This vulnerability is known to be exploited in the wild. 87,390 IPs found on 2024-10-12 scan. Top: US (14K), Japan (5.1K), India (4.8K)

        We are sharing daily feeds of vulnerable IPs in our Vulnerable HTTP report: https://shadowserver.org/what-we-do/network-reporting/vulnerable-http-report/

        You can track CVE-2024-23113 vulnerable instances over time on our Dashboard: https://dashboard.shadowserver.org/statistics/combined/time-series/?date_range=other&d1=2024-10-09&d2=2024-10-12&source=http_vulnerable&source=http_vulnerable6&tag=cve-2024-23113%2B&dataset=unique_ips&style=stacked

        Patch details from Fortinet (Feb 8th, 2024): https://fortiguard.com/psirt/FG-IR-24-029

        Note this vulnerability has been added recently to the US CISA's Known Exploited Vulnerabilities catalog https://www.cisa.gov/known-exploited-vulnerabilities-catalog

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.