by Fortinet recently disclosed that the path traversal vulnerability CVE-2022-41328 of its firewall operating system FortiOS has been attacked. It calls on users to fix it as soon as possible, but did not provide more information. Until these days, Mandiant, an information security company that assisted in the investigation, stated that the vulnerability was exploited in the attack in 2022, and pointed out that hackers also targeted other types of Fortinet products deployed by the victim organization. Today we also noticed another major attack using vulnerabilities to attack, that is, the information security incident that occurred in the US executive agency (FCEB). Several hacker organizations broke into the agency, and they used the The application framework Progress Telerik vulnerability CVE-2019-18935 was disclosed, and one of these attackers is a state-sponsored hacker organization.
