article thumbnail

Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb

Security Affairs

The two vulnerabilities, tracked as CVE-2022-39952 and CVE-2021-42756 , are respectively an external control of file name or path in Fortinet FortiNAC and a collection of stack-based buffer overflow issues in the proxy daemon of FortiWeb. is an external control of file name or path in the keyUpload scriptlet of FortiNAC.

article thumbnail

W4SP Stealer Stings Python Developers in Supply Chain Attack

Dark Reading

Threat actors continue to push malicious Python packages to the popular PyPI service, striking with typosquatting, authentic sounding file names, and hidden imports to fool developers and steal their information.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

New SPIKEDWINE APT group is targeting officials in Europe

Security Affairs

The ZIP archive contains an HTA file named wine.hta that contains obfuscated JavaScript code. The campaign is characterized by its very low volume and the advanced tactics, techniques, and procedures (TTPs) employed by the threat actors.

Archiving 104
article thumbnail

PoC exploit code for critical Fortinet FortiNAC bug released online

Security Affairs

The two vulnerabilities, tracked as CVE-2022-39952 and CVE-2021-42756 , are respectively an external control of file name or path in Fortinet FortiNAC and a collection of stack-based buffer overflow issues in the proxy daemon of FortiWeb. is an external control of file name or path in the keyUpload scriptlet of FortiNAC.

article thumbnail

Qakbot operations continue to evolve to avoid detection

Security Affairs

“Most recently, threat actors have transformed their techniques to evade detection by using ZIP file extensions, enticing file names with common formats, and Excel (XLM) 4.0 ThreatLabz reported that the attackers are using various different file names to disguise attachments designed to deliver Qakbot.

article thumbnail

Email Campaign Spreads StrRAT Fake-Ransomware RAT

Threatpost

Microsoft Security discovered malicious PDFs that download Java-based StrRAT, which can steal credentials and change file names but doesn't actually encrypt.

article thumbnail

Previously undetected ThirdEye malware appears in the threat landscape

Security Affairs

Fortinet started investigating the threat after the discovery of an archive file with a file name in Russian, “Табель учета рабочего времени.zip” (“time sheet” in English). The zip archive contains two files with.exe extension preceded by another document-related extension (double extension). ” concludes the report.