https://feed.craftedsignal.io/tags/network-scanning/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioFri, 13 Mar 2026 20:52:20 +0000https://feed.craftedsignal.io/briefs/2026-03-krvtz-net-ids-alerts/Fri, 13 Mar 2026 20:52:20 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-krvtz-net-ids-alerts/Multiple IDS alerts indicate potential network reconnaissance, vulnerability exploitation attempts targeting Fortigate VPN (CVE-2023-27997), and ColdFusion servers originating from various IP addresses on March 13, 2026.<p>On March 13, 2026, KRVTZ-NET IDS systems generated a series of alerts indicative of network scanning and attempted exploitation. The alerts highlight suspicious activity originating from a range of IP addresses, suggesting a widespread campaign rather than a targeted attack from a single actor. Specific alerts include repeated GET requests to <code>/remote/logincheck</code>, potentially targeting the Fortigate VPN vulnerability CVE-2023-27997, as well as requests for hidden environment files and attempts…</p> mediumadvisorynetwork-scanningvulnerability-exploitationfortigatecoldfusioncve-2023-27997