PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more!

Infosec In Brief Fortinet last week admitted that attackers have found new ways to exploit three flaws it thought it had fixed last year.

The cybersecurity firm published a notice last Thursday detailing how unknown threat actors achieved persistent access to FortiGate and FortiOS appliances using a trio of known vulnerabilities - including two that were used by the Chinese backed Void Typhoon group.

The new attack relies on symbolic links (symlinks) – files that offer a pointer to another file or a directory.

Fortinet explained that an unidentified threat actor created a symlink that linked users to the root filesystem and granted read-only access to resources including system configuration files.

Fortinet said that it has mitigated the issue and notified impacted customers. If patching your Fortinet systems with known good versions isn't practical, Fortinet recommends disabling SSL-VPN, as the exploitation isn't possible if the utility is disabled.

CEO of ...