Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2024-55591: Follow up: Authentication Bypass Vulnerability in Fortinet FortiOS and FortiProxy

On January 14, 2025, Fortinet published a security advisory for CVE-2024-55591, an authentication bypass using an alternate path or channel vulnerability in FortiOS and FortiProxy. A remote threat actor can craft requests to the Node.js websocket module to gain super-admin privileges.

Why GenAI Should Be a Deciding Factor With Email Security Investments

The good news is that advanced email protection methods do not necessarily call for a trade-off. Generative AI (GenAI) is both a way to embrace innovation and an enabler of robust defense mechanisms to take action against dangers that are increasingly difficult to counter. Investing in this technology at any stage of your email security program can make your organization adaptive, future-focused, and fully prepared to mitigate the risks posed by cybercriminals leveraging AI tools for malicious purposes.

New cybersecurity threat-focused reports from ENISA

The latest ENISA reports help inform about threat response and a more effective, risk-based approach to cybersecurity. In December 2024, the European Union Agency for Cybersecurity (ENISA) released its first-ever report on the state of cybersecurity in the Union. The report, which was prepared in accordance with Article 18 of the NIS2 Directive, is a comprehensive, evidence-based overview of the cybersecurity ecosystem across EU Member States.

The Guide to an Industrial Hangar Door: Types, Styles, and Benefits

Did you know that the global hangar doors market is projected to reach $427.6 million by 2032? This shows the growing demand for robust and versatile hangar door solutions. Choosing the right door can impact the functionality of your industrial space. These doors are more than just entrances. They play a critical role in the accessibility and efficiency of your facility. In this article, you'll discover the types, styles, and benefits of an industrial hangar door. You'll also learn how to choose the right one for your needs with this comprehensive guide. Keep reading to learn.

Digital Transformation: The Future of Security Services

The security services industry is undergoing a significant transformation. As technology advances, traditional methods of safeguarding people, assets, and information are being supplemented, and in some cases replaced, by digital innovations. To stay competitive, you need to understand how digital transformation impacts your operations, including leveraging tools like digital marketing for security companies. This article will explore how these changes are shaping the future of the security industry and what you can do to stay ahead.

IT Controls: What They Are and How to Implement Them

IT controls refer to the frameworks and processes organizations use to manage their information systems securely and effectively. They support business operations by helping reduce cyber risks, ensure regulatory compliance and improve operational efficiency. Continue reading to learn more about the importance of IT controls, steps for implementation and how a PAM solution can enhance their effectiveness.

3 Tips for Eliminating Attack Surface Blind Spots

In today’s rapidly evolving digital landscape, security professionals face many challenges in protecting their organizations from cyber threats. One common problem is the persistence of attack surface blind spots, which can be exploited by attackers and hinder an organization’s ability to stay ahead of threats.

CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day

In late November and December 2024, Arctic Wolf observed evidence of a mass compromise of Fortinet FortiGate. While the initial attack vector was unknown at the time, evidence of compromise (with new users and SSL profiles) was consistent across compromised devices. On January 14, Fortinet released a formal statement and patch. The vulnerability is an authentication bypass via crafted requests to the Node.js websocket module and was issued CVE-2024-55591. The CVSSv3 score is 9.6.