Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Emerging Threat: Fortinet CVE-2024-55591

On January 14, 2025, Fortinet disclosed a new critical (CVSS 9.6) authentication bypass vulnerability affecting FortiOS and FortiProxy. This vulnerability, CVE-2024-55591, allows unauthenticated remote attackers to target the Node.js WebSocket module of the administrative interface and potentially gain super-admin privileges.

CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day

In late November and December 2024, Arctic Wolf observed evidence of a mass compromise of Fortinet FortiGate devices. While the initial attack vector was unknown at the time, evidence of compromise (with new users and SSL profiles) was consistent across compromised devices. On January 14, Fortinet released a formal statement and patch. The vulnerability, an authentication bypass via crafted requests to the Node.js WebSocket module, was assigned CVE-2024-55591. The CVSSv3 score is 9.6.

Simplify Network Management with a Single Source of Truth

Managing complex networks can feel like an endless challenge, especially when critical data is scattered across multiple tools and systems. Conflicting sources of truth (SOTs) introduce risks, leaving IT teams uncertain about which data to trust. Without an accurate view of your network, tasks like CVE management, troubleshooting, and compliance become overwhelming—and potentially introduce risk into the network.

Dealing with Modern Cloud Servers for Business: Top Tips to Stay Secure

Modern cloud servers have replaced the need for organizations to own physical servers that take space and time to configure. So instead, they turn to cloud server providers who cater to business requests. By doing so, organizations get increased efficiency and the ability to scale for a fraction of the cost. Cloud servers make collaboration easier for remote teams and even act as a source of data backup. It's no wonder 94% of enterprises have turned to modern cloud solutions for their servers.

Centralize and conquer: Why multi-site DDI Central is a game changer for managing distributed on-premises networks

Managing distributed IT environments is no easy task. As networks grow increasingly complex and interconnected, centralizing their management becomes a daunting challenge. Traditional tools often fall short, struggling to balance centralized control with the unique configurations and autonomy required at each location. This challenge only amplifies as operations scale, leading to inefficiencies, inconsistencies, and operational silos that hinder productivity.

Migrating to Cloud? A Complete Cloud Network Security Checklist

Migrating to the cloud is no longer just an option for businesses—it’s a strategic necessity in today’s digital landscape. The cloud offers unparalleled scalability, flexibility, and cost-efficiency, but it also presents a unique set of cloud network security challenges. A misstep in securing your network during migration can expose sensitive data, disrupt operations, and impact compliance.

Ensure IP forwarding is disabled: a RHEL Benchmark

IP forwarding in Linux is a feature that allows a system to route packets between network interfaces, effectively functioning as a router. While this capability is essential for specific network setups, it poses security risks if enabled unnecessarily. Disabling IP forwarding is a critical step in server hardening, particularly for systems not intended to perform routing tasks.

WatchGuard Acquires ActZero to Add Scalable and Open-Platform AI Security to Deliver Simplified 24/7 MDR Services

With demand for WatchGuard's existing MDR service soaring, this acquisition lets MSPs easily add best-in-class MDR capabilities without building and maintaining their own in-house security operations center (SOC).

Under Siege: Ransomware and Healthcare

It’s becoming all too common these days: ransomware hitting another organization. However, most people don’t know exactly what happens when ransomware is found and what must be addressed. What makes it even more challenging for healthcare is that the data that can be stolen, like personal health information, is much more valuable than credit card numbers.