Tag: authentication
3 attack reports | 0 vulnerabilities
Attack reports
FortiManager fgfmd vulnerability indicators
A critical vulnerability in FortiManager's fgfmd daemon allows remote unauthenticated attackers to execute arbitrary code or commands via specially crafted requests. This vulnerability, classified as CWE-306 (Missing Authentication for Critical Function), has been exploited in the wild. The attack …
Downloadable IOCs 3
BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks
The BlackByte ransomware group continues leveraging established tactics and vulnerable drivers to bypass security controls, while also incorporating newly disclosed vulnerabilities and using stolen credentials for propagation. A new iteration of their encryptor appends the 'blackbytent_h' extension…
Downloadable IOCs 4
Threat actor impersonates Google via fake ad for Authenticator
An unknown threat actor created a deceptive advertisement that appeared as if it was from a reputable company, enticing users to click on it and visit a malicious website. The site hosted a digitally signed malicious file disguised as a popular multi-factor authentication application. Upon executio…
Downloadable IOCs 5