Systems Engineering is aware of the Fortinet FortiManager missing authentication for critical function vulnerability in the fgfmd process, CVE-2024-47575. Reports have shown this vulnerability to be exploited in the wild.
SECURITY ALERT: FortiManager Vulnerability Actively Exploited as Zero-Day | CVE-2024-47575
The following is provided for reference purposes and to inform clients as to which versions of these common products are supported by the manufacturer and therefore covered under our service terms.
The need for cyber risk management is growing exponentially. The threat of cybersecurity risks within small—to medium-sized businesses (SMBs) keeps many business leaders up at night. The business-wide disruption that a successful cyberattack brings and the increasing number of SMBs falling victim to cybercrime each year mean cyber risk can no longer solely be the responsibility of IT.
With digital transformation a necessity, cybersecurity threats accelerating, and compliance requirements evolving, having resources that can tackle the complexities of decision-making and investment for these major issues and initiatives is essential. It can become overwhelming for an executive leader or IT staff to bear the entire burden of making choices that span security, vendor management, and technology adoption.
SECURITY BULLETIN: DigiCert Certificate Revocation Incident - Potential Business Impact
Late yesterday, DigiCert announced a critical incident involving the revocation of a subset of TLS/SSL certificates due to a domain control verification (DCV) issue. While necessary to maintain security standards, this action could potentially disrupt services for some organizations that rely on DigiCert certificates to secure public and private web services.
As a business leader, are you aware of the latest cyber threats that could be compromising your company's security? Recently, we have witnessed a surge in a type of cyberattack known as password spraying, where cybercriminals exploit common usernames and passwords to gain unauthorized access.
We are aware of an outage that is continuing to affect Microsoft Windows hosts. The issue stems from a content update to cybersecurity firm CrowdStrike’s Falcon Sensor software. While the issue has been identified and the fix deployed, the impacts of this outage are still being reported worldwide.