VulnHub

Fortinet has reported that a five-year-old vulnerability in its FortiOS SSL VPN is being actively exploited. This flaw, identified as CVE-2020-12812, allows attackers to bypass two-factor authentication under specific configurations, enabling unauthorized access to systems. Organizations using affected versions of FortiOS SSL VPN should be particularly vigilant, as this vulnerability could lead to significant security breaches. The issue emphasizes the need for users to ensure their VPN configurations are secure and up-to-date. Fortinet's warning serves as a critical reminder of the importance of addressing known vulnerabilities, even those that have been around for several years.

On Monday, the French national postal service, La Poste, experienced a significant disruption due to a Distributed Denial of Service (DDoS) attack. The attack caused central computer systems to go offline, impacting operations across the postal service. Pro-Russian hacker groups have claimed responsibility for the incident, raising concerns about the motivations behind such attacks amid ongoing geopolitical tensions. This incident not only disrupts postal services but also highlights the vulnerability of critical infrastructure to cyber threats. As La Poste works to restore services, this event serves as a reminder of the increasing frequency and severity of cyberattacks targeting essential services.

The French postal service, La Poste, has been facing significant disruptions due to a major DDoS (Distributed Denial of Service) attack. This incident, which occurred just before Christmas, has rendered their online services largely inaccessible, impacting both customers and businesses that rely on postal services during the holiday season. La Poste acknowledged the situation and described it as a 'major network incident.' As the postal service works to restore functionality, users may experience delays and challenges in sending and receiving packages, which is particularly concerning during this busy time of year. The attack raises important questions about the security of critical infrastructure and the potential for further disruptions in similar sectors.

Romania's national water authority, Romanian Waters, recently experienced a significant ransomware attack that affected around 1,000 of its systems. Fortunately, the attack did not compromise the safety of the dams, which remain secure. Authorities are actively working to restore operations without paying the ransom demanded by the attackers. This incident is a stark reminder of the vulnerabilities critical infrastructure faces from cyber threats, emphasizing the need for robust cybersecurity measures in public services. The situation is still developing as officials assess the full impact and work on recovery efforts.

In 2025, ransomware attacks have shown a significant increase, with various industries facing heightened risks. The report outlines key statistics that reveal the evolving tactics used by attackers, including targeted assaults on critical infrastructure and healthcare systems. Companies are increasingly vulnerable as ransomware groups adapt, often deploying double extortion techniques that not only encrypt data but also threaten to leak sensitive information if ransoms are not paid. This trend poses serious implications for businesses, as the financial and reputational damage from such attacks can be substantial. Organizations are urged to bolster their cybersecurity measures and educate employees about phishing and other attack vectors to mitigate these risks.

A recent cyberattack has severely disrupted France's national postal service, leading to significant delays in package deliveries and hindering online payment systems during the busy Christmas season. The attack has affected not only the postal service but also banking operations, complicating transactions for many users. This incident comes at a peak time for holiday shopping, raising concerns about the security of essential services during critical periods. As a result, many customers are left frustrated and uncertain about their deliveries and payments. The attack underscores the vulnerabilities that essential services face in an increasingly digital economy.

WatchGuard has reported an exploitation of a zero-day vulnerability in its Firebox devices, which are critical components for network security. This vulnerability has caught the attention of attackers, joining a troubling trend where various edge device vendors are targeted. Organizations using WatchGuard Firebox devices should be particularly vigilant, as the flaw could allow unauthorized access to their networks. The situation emphasizes the need for prompt attention to security updates and patches to protect against potential breaches. Users and IT departments are advised to stay updated on any security advisories from WatchGuard to mitigate risks effectively.

A serious remote code execution (RCE) vulnerability has been discovered in WatchGuard Firebox devices, impacting over 115,000 units that are currently exposed online. Attackers are actively exploiting this flaw, which allows them to execute arbitrary code on the affected firewalls. This vulnerability poses a significant risk to organizations using these devices, as it could lead to unauthorized access and control over network resources. Users of WatchGuard Firebox products are urged to take immediate action to protect their systems. The urgency of addressing this issue is heightened by the active nature of the exploitation, making it critical for companies to ensure their devices are patched as soon as possible.

The hacking group known as LongNosedGoblin has been targeting Asian governments by deploying cyberespionage tools on their networks using Group Policy. This method allows them to effectively infiltrate and operate within government systems, raising concerns about national security and data integrity. Researchers have identified this group as a persistent threat, which could compromise sensitive information and disrupt governmental operations. The implications are significant, as such attacks could weaken trust in governmental digital infrastructures and potentially expose critical data to adversaries. As this activity continues, it emphasizes the need for robust cybersecurity measures in governmental organizations to protect against such sophisticated attacks.