Microsoft April 2021 Security Update

Microsoft has released its monthly security update for the month of April addressing a collection of vulnerabilities, including five (5) zero-day flaws and four (4) additional Microsoft Exchange vulnerabilities. Minimal information is given for the zero-day vulnerabilities, but successful exploitations could allow threat actors an elevation of privilege, denial of service (DoS) attacks, and information continue reading : Microsoft April 2021 Security Update

Multiple FortiOS Vulnerabilities (CVE-2018-13379, CVE-2019-5591, CVE-2020-12812)

Three security vulnerabilities in the FortiOS used in Fortinet SSL VPN are currently being observed to be exploited by advanced persistent threat (APT) actors. Exploitation of the vulnerabilities, CVE-2018-13379, CVE-2019-5591, and CVE-2020-12812, may provide threat actors to gain a foothold within vulnerable networks before moving laterally and carrying out reconnaissance activity. The Federal Bureau of continue reading : Multiple FortiOS Vulnerabilities (CVE-2018-13379, CVE-2019-5591, CVE-2020-12812)