Alerts | Guyana National CIRT

Update: FortiOS vulnerability allows system files to be leaked through SSL VPNs via specially made HTTP resource requests. (November 26, 2020)

A path traversal vulnerability in the FortiOS SSL VPN web portal may allow attackers to gain unauthorized access to system files. This is done through specially crafted HTTP resource requests. The vulnerability as been classified as CVE-2018-13379.

The affected products are:

Read more about Update: FortiOS vulnerability allows system files to be leaked through SSL VPNs via specially made HTTP resource requests. (November 26, 2020)

Emotet malware's new 'Windows Update' attachment (22nd October 2020)

Description

Read more about Emotet malware's new 'Windows Update' attachment (22nd October 2020)

New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service (2nd November 2020)

Description

Read more about New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service (2nd November 2020)

Microsoft Teams Phishing attack Targets Office 365 Users (22nd October 2020)

Description

Read more about Microsoft Teams Phishing attack Targets Office 365 Users (22nd October 2020)

Vulnerabilities in Palo Alto PAN-OS (9th September 2020)

Description

Palo Alto Network Security has identified several security vulnerabilities related to their PAN-OS.

Summary

Read more about Vulnerabilities in Palo Alto PAN-OS (9th September 2020)