Fortinet, Ivanti Keep Customers Busy With Yet More Critical Bugs

Brand-new vulnerabilities from both vendors this week — one exploited in the wild — add to a steady stream of critical security issues in the security platforms. [TechWeb]( Follow Dark Reading: [RSS]( February 13, 2024 LATEST SECURITY NEWS & COMMENTARY [Fortinet, Ivanti Keep Customers Busy With Yet More Critical Bugs]( Brand-new vulnerabilities from both vendors this week — one exploited in the wild — add to a steady stream of critical security issues in the security platforms. [Raspberry Robin Jumps on 1-Day Bugs to Nest Deep in Windows Networks]( The developers behind a widespread worm are nesting further into networks by exploiting Windows escalation opportunities faster than organizations can patch them. [33M French Citizens Impacted in Country's Largest-Ever Breach]( Viamedis and Almerys, two payment processors widely used by French health insurers, were victims of cyberattackers who struck five days apart. [US Govt. Offers Millions in Bounties to Find Hive Ransomware Actors]( The move by the State Department complements a Hive infrastructure takedown by international law enforcement. [It's Time to Rethink Third-Party Risk Assessment]( Continuously evaluating and updating your third-party risk assessment can improve your security posture and ensure your company doesn't have the next headline-making incident. [(Sponsored Article) Transform Your Security Operations Center With AI]( Attackers aren't slowing down and are using new methods to infiltrate orgs. To limit their impact, automation in the SOC is more critical now than ever. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Deepfake Democracy: AI Technology Complicates Election Security]( While cybersecurity risks to the democratic process have been pervasive for many years now, the prevalence of AI now represents new threats. [How 'Big 4' Nations' Cyber Capabilities Threaten the West]( Russia, China, Iran, and North Korea pose significant cyber threats to Western nations. [CISO Corner: DoD Regs, Neurodiverse Talent & Tel Aviv's Light Rail]( Also in this issue: How the SEC's reporting rules are being weaponized, quishing attacks plaguing execs, and tabletop exercises making a comeback. [How Neurodiversity Can Help Fill the Cybersecurity Workforce Shortage]( Many people with ADHD, autism, dyslexia, and other neurodiverse conditions bring new perspectives that can help organizations solve cybersecurity challenges. [MORE]( PRODUCTS & RELEASES [CSC Partners With NetDiligence to Help Mitigate Cyber Risks]( [Bugcrowd Secures $102M in Strategic Growth Funding to Scale AI-Powered Crowdsourced Security Platform]( [Billington CyberSecurity to Host 1st State and Local Cyber Summit in Wake of Serious Cyberattacks]( [etherFAX Pioneering Interoperable Secure Cloud Fax Standards]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps]( Attackers are breaching cloud environments and playing games with corporate Microsoft 365 apps, and further victims are likely to come. LATEST FROM THE EDGE [How Changes in State CIO Priorities for 2024 Apply to API Security]( The National Association of State Chief Information Officers' top 10 list sheds light on where state and local governments need to direct their cybersecurity efforts. Here's what it means for application security. LATEST FROM DR TECHNOLOGY [Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem]( With prompt injection, AI puts new spin on an old security problem LATEST FROM DR GLOBAL [United Nations Digging Into DPRK Crypto Cyberattacks Totaling $3B]( The UN is reportedly investigating dozens of crypto cyberattacks suspected to have earned the North Korean regime billions to fund its nuclear program. WEBINARS - [Building a Modern Endpoint Strategy for 2024 and Beyond]( - [Your Everywhere Security Guide: 4 Steps to Stop Cyberattacks]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Secure Access for Operational Technology at Scale]( - [Strengthen Microsoft Defender with MDR]( - [Endpoint Best Practices to Block Ransomware]( - [Fortinet Named a Leader in the Forrester Wave: Zero Trust Edge (ZTE) Solutions]( - [Threat Intelligence: Data, People and Processes]( - [The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023]( - [Understanding AI Models to Future-Proof Your AppSec Program]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How to Deploy Zero Trust for Remote Workforce Security]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=121196&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_02.13.24&sp_cid=51938&utm_content=DR_NL_Dark%20Reading%20Daily_02.13.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#84 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)