ioc[.]one - OSINT Cyber Threat Intelligence Database

安全热点周报：超过 87,000 台 FortiOS 设备易受远程代码执行攻击

Tags

attack-pattern:

Malware - T1587.001 Malware - T1588.001 Mmc - T1218.014

Show in Graph

Common Information

Type	Value
UUID	b2a36134-86e2-4c96-8aac-1fcc4db44169
Fingerprint	266421655e464c41
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 14, 2024, midnight
Added to db	Oct. 14, 2024, 1:07 p.m.
Last updated	Nov. 17, 2024, 12:53 p.m.
Headline	安全热点周报：超过 87,000 台 FortiOS 设备易受远程代码执行攻击
Title	安全热点周报：超过 87,000 台 FortiOS 设备易受远程代码执行攻击
Detected Hints/Tags/Attributes	12/1/42

Source URLs

	Redirection	Url
Details	Source	https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502279&idx=1&sn=7d6b8cb849a31ab262adeb5bd8e046f7&chksm=fe79ed5fc90e6449c03830212b75378e987057b90d6178496fee7926daa442b488d4144d002b&scene=58&subscene=0#rd

URL Provider

Details	Provider	Source level domain
Details	qq.com	mp.weixin.qq.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	266	✔	奇安信 CERT	https://wechat2rss.xlab.app/feed/981c000a01bbdc1f128d260cc91c15d3a6afb530.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	49	cve-2024-9680
Details	CVE	20	cve-2024-9164
Details	CVE	53	cve-2024-23113
Details	CVE	34	cve-2024-9379
Details	CVE	41	cve-2024-9380
Details	CVE	29	cve-2024-9381
Details	CVE	70	cve-2024-8963
Details	CVE	59	cve-2024-43572
Details	CVE	19	cve-2024-38259
Details	CVE	61	cve-2024-43573
Details	CVE	53	cve-2024-43047
Details	Domain	33	cybersecuritynews.com
Details	Domain	20	www.secrss.com
Details	Domain	99	therecord.media
Details	Domain	2	yyglxxbs.ndrc.gov.cn
Details	Domain	208	mp.weixin.qq.com
Details	Domain	2	www.mohurd.gov.cn
Details	Domain	12	www.gov.cn
Details	Domain	3	www.ndrc.gov.cn
Details	Domain	22	www.bsi.bund.de
Details	File	2	yyglxxbs.nd
Details	File	1	20241012164606227325.doc
Details	File	1	20241011_780320.html
Details	File	1	content_6978910.htm
Details	File	22	www.nd
Details	File	1	p020241008585506324012.pdf
Details	File	1	anssi_bsi_ai_coding_assistants.pdf
Details	Url	1	https://cybersecuritynews.com/87000-fortios-rce-attacks
Details	Url	1	https://www.bleepingcomputer.com/news/security/ivanti-warns-of-three-more-csa-zero-days-exploited-in-attacks
Details	Url	2	https://www.tenable.com/blog/microsoft-october-2024-patch-tuesday-addresses-117-cves-cve-2024-43572-cve-2024-43573
Details	Url	1	https://www.bleepingcomputer.com/news/security/qualcomm-patches-high-severity-zero-day-exploited-in-attacks
Details	Url	1	https://www.secrss.com/articles/71121
Details	Url	1	https://www.bleepingcomputer.com/news/security/european-govt-air-gapped-systems-breached-using-custom-malware
Details	Url	1	https://therecord.media/american-water-works-cyberattack-utility
Details	Url	1	https://yyglxxbs.ndrc.gov.cn/file-submission/20241012164606227325.doc
Details	Url	1	https://mp.weixin.qq.com/s/mewd4pc29jn-z1cc-myhcq
Details	Url	1	https://www.mohurd.gov.cn/gongkai/zhengce/zhengcefilelib/202410/20241011_780320.html
Details	Url	1	https://www.gov.cn/zhengce/202410/content_6978910.htm
Details	Url	2	https://mp.weixin.qq.com/s/735hv8nvo0houtlwefndow
Details	Url	1	https://mp.weixin.qq.com/s/uln-4m_2ap0czg7vltcd7q
Details	Url	1	https://www.ndrc.gov.cn/xxgk/zcfb/tz/202410/p020241008585506324012.pdf
Details	Url	1	https://www.bsi.bund.de/shareddocs/downloads/en/bsi/ki/anssi_bsi_ai_coding_assistants.pdf