
The Dutch experienced an attack on the MoD's FortiGate appliances using CVE-2022-42475. The malware is named "coathanger" after one of the strings in the program.
Fortinet's FortiSIEM product is vulnerable to two maximum-severity security vulnerabilities that allow for remote code execution, or at least according to two freshly published CVEs. Both CVE-2024-23108 and CVE-2024-23109 have been assigned scores of 10 on the CVSS scale, suggesting exploits can be carried out remotely by …
"Security information and event management (SIEM) is “an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system.”
Security information and event management systems address the three major challenges that limit rapid incident response:
The vast amount of unaggregated security data makes it hard to see what’s happening and prioritize threats.
IT teams are understaffed/undertrained due to the cybersecurity skills gap.
The need to demonstrate compliance takes time away from threat identification and response."
OOOF!