Fortinet has issued a warning on a vulnerability affecting several versions of Fortinet FortiOS used in its FortiGate secure socket layer virtual private network (SSL VPN) and firewall products.
The security flaw is tracked as CVE-2022-42475 which is rated Critical and assigned a CVSS score of 9.3 out of 10. The attacks are said to be complex and highly targeted at “governmental or government-related targets.”
FortiOS is a network security operating system developed by Fortinet, Inc which provides a comprehensive set of networking and security features for organizations across all industries.
Cisco has warned of two security vulnerabilities affecting Small Business Routers which have reached end-of-life (EoL). Both vulnerabilities could allow a remote attacker to bypass authentication or execute arbitrary commands on the underlying operating system of an affected device.
Telegram takeover involving a money transfer scam has been active in Brunei Darussalam since last year and a recent spike in this scam has been reported to BruCERT in the past month. This is a worrying trend as a growing number of individuals have fallen victim and transferred funds ranging from $200 to $1,000 to the scammers. It is suspected that the number of unreported cases is much higher.
The scam is initiated by hijacking a user’s Telegram account, then using the compromised account to request for money from people in the user’s contact list.