🚨 [02/12/24] Vulnerability Recap: Issues With Ivanti, JetBrains, Fortinet, Linux

This week saw some repeat products from previous vulnerability recaps, such as Ivanti Policy Secure and JetBrains TeamCity servers. One of the most notable vulnerabilities for this week is Fortinet’s critical FortiOS issue, which affects Fortinet products that use the affected versions of the network operating system. CYBERSECURITY INSIDER   Feb 13, 2024 | Today’s news and insights   Note From the Writer's Desk: Security researchers at [Bitdefender found a backdoor for macOS]( that disguises itself as an update for Visual Studio and could be used to distribute ransomware. The investigation is ongoing, but on Feb. 8 Bitdefender revealed several details about the vulnerability, including that it is written in the programming language Rust and has several variants. Bitdefender researchers first spotted this backdoor in November 2023; they found the newest instance of this attack on Feb. 2, 2024. The malicious files are distributed as FAT binaries with Mach-O files for both x86_64 Intel and ARM chip architectures. Rust is an interesting choice for this attack because it is relatively uncommon compared to C or Python, making it more difficult for organizations to find security researchers who can detect and analyze malicious code written in Rust. Although Bitdefender did not definitively pin the attack on an organized threat group, they note that it could potentially be linked to the BlackBasta or ALPHV/BlackCat groups. TechRepublic resources about macOS and security: - [BlackCat/ALPHV Ransomware Site Seized in International Takedown Effort]( - [How to Change Mac Permissions via the Mac Terminal]( - [Attackers Could Eavesdrop on AI Conversations on Apple, AMD, Imagination and Qualcomm GPUs]( [Jessica Dennis, Editor, TechnologyAdvice] Megan Crouse Senior Staff Writer [LinkedIn](   Sponsored by: [Huntress logo](   [Weekly Vulnerability: Ivanti, JetBrains, Fortinet, Linux Issues]( This week saw some repeat products from previous vulnerability recaps, such as Ivanti Policy Secure and JetBrains TeamCity servers. One of the most notable vulnerabilities for this week is Fortinet’s critical FortiOS issue, which affects Fortinet products that use the affected versions of the network operating system.   [New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches]( Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan and Germany.   [10 Major Benefits of Cloud-Native Application Development]( Explore the trends, benefits, challenges and impacts, and strategic approaches for optimizing cloud-native applications.   TechRepublic Premium [Cloud Access Security Broker Policy]( This Cloud Access Security Broker Policy from Techrepublic Premium establishes guidelines and procedures for the secure and efficient use of cloud-based services. [Read More]( [Read more news]( [Hackers got you worried? Stay ahead with the SMB Threat Report]( Download Huntress’ new SMB Threat Report for an inside look at the trends and adversary tactics that are impacting SMBs. [DOWNLOAD IT TODAY!]( Top Tech Resources   [Google Cloud’s Nick Godfrey Talks Security, Budget and AI for CISOs]( In this Q&A, Godfrey reminds business leaders to integrate security into conversations around financial and business targets.   Sponsored Content [Top Security Software Solutions]( This security software guide will help new and veteran buyers navigate the purchasing process by identifying the best security software vendors through an analysis of common trends, feature sets, and case studies. [Read More](   [Bitwarden Free vs. Premium: Which Plan Is Best For You?]( Learn about the differences between Bitwarden's Free and Premium versions and decide which one is the right fit for your password management needs. [Read more news]( What We're Reading     [Botnet Attack Targeted Routers: A Wake-Up Call for Securing Remote Employees’ Hardware]( The FBI spotted this state-sponsored attack that highlights how home office setups can be overlooked when it comes to employees’ cybersecurity.   [How to Set Up a Firewall: 5 Steps to Firewall Configuration]( In this guide, we’ll unravel how to set up a firewall and some critical factors to consider while doing so.   [Secure Shell (SSH) Protocol: Encryption Over Insecure Networks]( With SSH, users can safely transfer files, manage network infrastructures, remotely access apps and devices, and execute commands. Thanks to its ability to authenticate and encrypt sessions, SSH provides robust protection against cyberattacks and information theft. More Tech News   [Executive Briefing]( [Cloud Insider]( [Innovation Insider]( [Cybersecurity Insider]( [Microsoft Weekly]( [TechRepublic Premium]( More Than A Newsletter   Written by Mary Weilage Was this email forwarded to you? [Sign up here](. Related Publications [Project Management Insider]( Connect With Us [X]( | [LinkedIn]( | [Facebook]( About Cybersecurity Insider: Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices with this bi-weekly newsletter. [Sign up today]( Visit the [Subscription Center]( to get other free newsletters, manage your account settings or to be removed from TechRepublic communications. [Unsubscribe]( | [FAQ]( | [Terms of Use]( | [Privacy Policy]( © 2024 TechnologyAdvice, LLC. All rights reserved. This is a marketing email from TechnologyAdvice, 3343 Perimeter Hill Dr., Suite 100, Nashville, TN 37211, USA. Please do not reply to this message. To contact us, please click [here.](