
Latest news with #NationalVulnerabilityDatabase

Hundreds of Brother printer models have security flaw that can't be patched

Engadget

6 days ago


A security company has found eight security vulnerabilities that impact hundreds of Brother printer models. Brother has released firmware updates to handle seven of these vulnerabilities, but one security flaw cannot be patched. Brother has indicated that it'll fix the remaining issue during the manufacturing process of future printers, which doesn't help current owners. The company recommends that users change the default main password. Otherwise, bad actors could remotely access impacted devices. Though primarily impacting around 700 Brother printers, 59 units manufactured by Fujifilm, Toshiba, Ricoh and Konica Minolta are also at risk.

The security flaw is called CVE-2024-51978 in the National Vulnerability Database, and has a 9.8 'Critical' CVSS rating. Simply put, attackers could generate the default admin password so long as they know the serial number of the printer. Once this has been done, bad actors would be able to exploit the other seven vulnerabilities if the user didn't patch them up. These remaining flaws allow hackers to retrieve sensitive information, crash the device, open TCP connections, perform HTTP requests and reveal passwords for connected networks.

So what should you do? Check this list of impacted printers to see if you're at risk. Most importantly, change the default password.

Fortinet Releases 2025 Cybersecurity Report with Key Threat

TECHx

12-05-2025


Fortinet® (NASDAQ: FTNT), a global cybersecurity company, has released its 2025 cybersecurity report. The Global Threat Landscape Report from FortiGuard Labs presents a detailed view of cyberattack trends and behaviors from 2024. The findings show that cybercriminals are increasing their use of automation, AI, and readily available tools. These methods are reducing the gap between attackers and defenders. The report draws from data mapped to the MITRE ATT&CK framework. It shows how threat actors are adapting faster and targeting vulnerabilities more aggressively.

Derek Manky, Chief Security Strategist and Global VP of Threat Intelligence at Fortinet FortiGuard Labs, stated that attackers are moving at 'unprecedented speed and scale.' He emphasized that traditional security strategies are no longer enough. Organizations must now focus on proactive, intelligence-driven defenses using AI, zero trust models, and constant exposure management.

One major trend observed is the surge in automated scanning. In 2024, there was a 16.7% increase globally, with cybercriminals scanning the internet for weak points at a rate of 36,000 scans per second. Attackers targeted services such as SIP, RDP, and OT/IoT protocols like Modbus TCP.

Another key finding is the growing role of darknet marketplaces. These platforms now offer easy access to exploit kits and stolen credentials. In 2024, over 40,000 new vulnerabilities were added to the National Vulnerability Database, a 39% rise from 2023. Infostealer malware also contributed to a 500% increase in compromised system logs, with 1.7 billion stolen credential records shared online.

AI is now a core tool for cybercriminals. Malicious use of AI platforms such as FraudGPT, BlackmailerV3, and ElevenLabs is making phishing attacks more convincing and harder to detect.
These tools are not bound by ethical restrictions and can be used to create large-scale, believable attack campaigns.

Targeted attacks on critical industries have intensified. Manufacturing was the most attacked sector in 2024 (17%), followed by business services (11%), construction (9%), and retail (9%). The United States experienced the highest volume of attacks (61%), with the UK and Canada following.

Cloud and IoT environments are also under pressure. In 70% of incidents, attackers gained access via login attempts from unknown geographies. Common issues include open storage buckets and misconfigured services.

Credentials remain a top asset for cybercriminals. In 2024, over 100 billion compromised records were posted on underground forums, a 42% increase year-over-year. More than half of darknet posts included leaked databases. Popular groups like BestCombo, BloddyMery, and ValidMail were active in validating and sharing stolen credentials, increasing the risk of account takeovers and fraud.

To address these threats, Fortinet has included a 'CISO Playbook for Adversary Defense' in the report. It provides actionable recommendations for security teams: Shift from traditional detection to continuous threat exposure management. Simulate real-world attacks with red teaming and adversary emulation. Focus on high-risk vulnerabilities using frameworks like CVSS and EPSS. Monitoring darknet activity is also recommended to detect new ransomware tools and hacker activity early.

FortiGuard Labs Advisory Services support organizations with expert guidance, threat simulation, and incident response. These services aim to reduce cyber risk and improve resilience against evolving threats.

The 2025 cybersecurity report is a timely reminder of how fast the threat landscape is changing. Organizations are encouraged to adopt advanced tools and strategies to stay ahead.

Fortinet Threat Report Reveals Record Surge in Automated Cyberattacks as Adversaries Weaponize AI and Fresh Techniques

Yahoo

28-04-2025


FortiGuard Labs 2025 Global Threat Landscape Report highlights a boom in Cybercrime-as-a-Service on the darknet, fueling a lucrative market for credentials, exploits, and access

SUNNYVALE, Calif., April 28, 2025 (GLOBE NEWSWIRE) --

News Summary

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the release of the 2025 Global Threat Landscape Report from FortiGuard Labs. The latest annual report is a snapshot of the active threat landscape and trends from 2024, including a comprehensive analysis across all tactics used in cyberattacks, as outlined in the MITRE ATT&CK framework. The data reveals that threat actors are increasingly harnessing automation, commoditized tools, and AI to systematically erode the traditional advantages held by defenders.

'Our latest Global Threat Landscape Report makes one thing clear: Cybercriminals are accelerating their efforts, using AI and automation to operate at unprecedented speed and scale,' said Derek Manky, Chief Security Strategist and Global VP Threat Intelligence, Fortinet FortiGuard Labs. 'The traditional security playbook is no longer enough. Organizations must shift to a proactive, intelligence-led defense strategy powered by AI, zero trust, and continuous threat exposure management to stay ahead of today's rapidly evolving threat landscape.'

Key findings from the latest FortiGuard Labs Global Threat Landscape Report include:

Automated scanning hits record highs as attackers shift left to identify exposed targets early. To capitalize on newfound vulnerabilities, cybercriminals are deploying automated scanning at a global scale. Active scanning in cyberspace reached unprecedented levels in 2024, rising by 16.7% worldwide year-over-year, highlighting a sophisticated and massive collection of information on exposed digital infrastructure.
FortiGuard Labs observed billions of scans each month, equating to 36,000 scans per second, revealing an intensified focus on mapping exposed services such as SIP and RDP and OT/IoT protocols like Modbus TCP.

Darknet marketplaces fuel easy access to neatly packaged exploit kits. In 2024, cybercriminal forums increasingly operated as sophisticated marketplaces for exploit kits, with over 40,000 new vulnerabilities added to the National Vulnerability Database, a 39% rise from 2023. In addition to zero-day vulnerabilities circulating on the darknet, initial access brokers are increasingly offering corporate credentials (20%), RDP access (19%), admin panels (13%), and web shells (12%). Additionally, FortiGuard Labs observed a 500% increase in the past year in logs available from systems compromised by infostealer malware, with 1.7 billion stolen credential records shared in these underground forums.

AI-powered cybercrime is scaling rapidly. Threat actors are harnessing AI to enhance phishing realism and evade traditional security controls, making cyberattacks more effective and difficult to detect. Tools like FraudGPT, BlackmailerV3, and ElevenLabs are fueling more scalable, believable, and effective campaigns, without the ethical restrictions of publicly available AI tools.

Targeted attacks on critical sectors intensify. Industries such as manufacturing, healthcare, and financial services continue to experience a surge in tailored cyberattacks, with adversaries deploying sector-specific exploitations. In 2024, the most targeted sectors were manufacturing (17%), business services (11%), construction (9%), and retail (9%). Both nation-state actors and Ransomware-as-a-Service (RaaS) operators concentrated their efforts on these verticals, with the United States bearing the brunt of attacks (61%), followed by the United Kingdom (6%) and Canada (5%).

Cloud and IoT security risks escalate.
Cloud environments continue to be a top target, with adversaries exploiting persistent weaknesses such as open storage buckets, over-permissioned identities, and misconfigured services. In 70% of observed incidents, attackers gained access through logins from unfamiliar geographies, highlighting the critical role of identity monitoring in cloud defense.

Credentials are the currency of cybercrime. In 2024, cybercriminals shared over 100 billion compromised records on underground forums, a 42% year-over-year spike, driven largely by the rise of 'combo lists' containing stolen usernames, passwords, and email addresses. More than half of darknet posts involved leaked databases, enabling attackers to automate credential-stuffing attacks at scale. Well-known groups like BestCombo, BloddyMery, and ValidMail were the most active cybercriminal groups during this time and continue to lower the barrier to entry by packaging and validating these credentials, fueling a surge in account takeovers, financial fraud, and corporate espionage.

CISO Takeaway: Strengthening Cyber Defenses Against Emerging Threats

Fortinet's Global Threat Landscape Report provides rich details on the latest attacker tactics and techniques while also delivering prescriptive recommendations and actionable insights. Designed to empower CISOs and security teams, the report offers strategies to counter threat actors before they strike, helping organizations stay ahead of emerging cyberthreats.

This year's report includes a 'CISO Playbook for Adversary Defense' that highlights a few strategic areas to focus on:

Shifting from traditional threat detection to continuous threat exposure management: This proactive approach emphasizes continuous attack surface management, real-world emulation of adversary behavior, risk-based remediation prioritization, and automation of detection and defense responses.
Utilizing breach and attack simulation (BAS) tools to regularly assess endpoint, network, and cloud defenses against real-world attack scenarios ensures resilience against lateral movement and exploitation.

Simulating real-world attacks: Conduct adversary emulation exercises, red and purple teaming, and leverage MITRE ATT&CK to test defenses against threats like ransomware and espionage campaigns.

Reducing attack surface exposure: Deploy attack surface management (ASM) tools to detect exposed assets, leaked credentials, and exploitable vulnerabilities while continuously monitoring darknet forums for emerging threats.

Prioritizing high-risk vulnerabilities: Focus remediation efforts on vulnerabilities actively discussed by cybercrime groups, leveraging risk-based prioritization frameworks such as EPSS and CVSS for effective patch management.

Leveraging dark web intelligence: Monitor darknet marketplaces for emerging ransomware services and track hacktivist coordination efforts to preemptively mitigate threats like DDoS and web defacement attacks.

Discover how FortiGuard Labs Advisory Services combine cutting-edge technology and expert services to help organizations strengthen their security posture before threats emerge. In the event of an incident, FortiGuard Labs offers swift, effective response and in-depth forensic analysis to minimize impact and prevent future intrusions, delivering comprehensive protection in today's increasingly volatile digital landscape.

Additional Resources

Download a copy of the 2025 Global Threat Landscape Report from FortiGuard Labs. Read the blog for valuable takeaways from this research. Learn more about FortiGuard Labs threat intelligence and research and outbreak alerts, which provide timely steps to mitigate breaking cybersecurity attacks. Learn about FortiAI and Fortinet's AI-driven innovations.
Read more about the Fortinet Security Fabric, which brings end-to-end security to organizations of all sizes to prevent ransomware across all points of entry. Visit to learn about Fortinet innovation, collaboration partners, product security processes, and enterprise-grade products. Read about how Fortinet customers are securing their organizations. Learn about Fortinet's commitment to product security and integrity, including its responsible product development and vulnerability disclosure approach and policies. Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.

About Fortinet

Fortinet (Nasdaq: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere our customers need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organizations from both the public and private sectors, including Computer Emergency Response Teams ('CERTS'), government entities, and academia, is a fundamental aspect of Fortinet's commitment to enhance cyber resilience globally. FortiGuard Labs, Fortinet's elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at the Fortinet Blog, and FortiGuard Labs.

Copyright © 2025 Fortinet, Inc. All rights reserved.

CIOs Face Unrealistic Expectations As CVE Program Faces Uncertainty

Forbes

16-04-2025


When news broke that funding for the Common Vulnerabilities and Exposures (CVE) database would expire on April 16, panic quickly spread through the infosec community. MITRE, the nonprofit that maintains the CVE program, confirmed it had secured a stopgap contract with the U.S. Department of Homeland Security—avoiding an immediate shutdown. But the scare underscored a deeper issue: the security industry's overreliance on a fragile system.

Security leaders, especially CIOs and CISOs, now face a familiar theme: diversify, build internal tools, collaborate, and spend more. But while most of these suggestions are good in theory, they fall apart operationally.

Yes, we should diversify our central source of vulnerability intelligence. But let's be clear: most commercial databases, open-source feeds, or niche vendor advisories still depend on CVE IDs as the reference point. Without CVE, those systems degrade in accuracy or usability. Even the National Vulnerability Database (NVD), managed by the National Institute of Standards and Technology (NIST), acts as a centralized database of known vulnerabilities pulled from CVE. CISOs can't just switch feeds and expect the same coverage. Rebuilding that visibility requires money, time, and resources that many organizations lack.

Investing in internal scanners or training teams to do vulnerability research sounds empowering, but it ignores the scale of the problem. Large enterprises can afford a red team that focuses on discovering and exploiting weaknesses across an organization's systems, people, and processes before real attackers do. Most mid-sized or smaller organizations? Not so much. Vulnerability management teams already run lean. Asking them to replicate what MITRE has done with a fraction of the budget is unrealistic. No number of certifications or workshops can replace a centralized, trusted source of vulnerability IDs and metadata.
Industry groups like ISACs (Information Sharing and Analysis Centers) can supplement knowledge but don't offer comprehensive coverage. Peer sharing is inconsistent and informal. Collaboration helps fill gaps—it doesn't replace structured vulnerability tracking at scale. And let's not pretend the average CISO or vulnerability engineer has time to manually parse peer alerts on top of everything else.

Reallocating resources means cutting from somewhere else within the team. Subscriptions to new intelligence platforms and hiring analysts aren't just budgeting tasks, because they divert funds from incident response or endpoint protection, which will weaken the overall security posture. It is a risk to reshuffle dollars and hope for the best.

If we have a solid baseline, tracking the effectiveness of new tools and feeds makes sense. However, with the CVE program potentially unstable, what does a security engineer compare against? Metrics lose meaning without a common framework like CVE to align definitions and scope.

The end of MITRE's CVE program isn't a crisis, but it's also not an opportunity. CVE has never been a risk assessment tool; it's a catalog. Carter Groome, CEO at First Health Advisory, said, 'The reliance on CVE can't be overstated, and as the old adage says, you can manage what you don't measure.'

CIOs and CISOs need realism, not idealism. Quick pivots and wishful strategies won't cut it. We need sustained investment in foundational infrastructure like CVE and a long-overdue rethink of how we define and communicate vulnerability data across the ecosystem.
