Featured Story
Critical Fortinet’s FortiClient EMS flaw actively exploited in the wild
Researchers from Horizon3 have developed a proof-of-concept (PoC) exploit for a critical vulnerability (CVE-2023-48788, CVSS score 9.3) in Fortinet’s FortiClient Enterprise Management Server (EMS). The flaw, a SQL injection in the DAS component, allows remote code execution through specially crafted requests. Fortinet has confirmed active exploitation in the wild. Affected users are urged to upgrade to FortiClientEMS version 7.2.3 or 7.0.11 depending on their current version.
C:\Program Files (x86)\Fortinet\FortiClientEMS\logs for suspicious connections.
Other Stories
Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk
A vulnerability in Jenkins’ args4j library (CVE-2024-23897) enables unauthorized file reads and potential remote code execution. Attackers have already begun exploiting the flaw, with over 45,000 vulnerable servers detected. Exploits are spreading through HTTP, WebSocket, and SSH, targeting systems globally. Patches are available in Jenkins 2.442 and LTS 2.426.3.
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware
Attackers are targeting JetBrains TeamCity On-Premises vulnerabilities (CVE-2024-27198 and CVE-2024-27199) to deploy ransomware and backdoors. These flaws allow full administrative control via authentication bypass. Patches have been released in version 2023.11.4, and a plugin is available for users unable to upgrade.
False e-mails circulating, impersonating Spa Grand Prix
Fraudulent emails claiming to be from Spa Grand Prix are offering fake gift vouchers to trick users into sharing bank details. These messages link to phishing websites that mimic the official Spa Grand Prix site.
verdacht@safeonweb.be
suspect@safeonweb.be
suspicious@safeonweb.be
Our SOC is available to assess any potentially harmful messages.