A quick reminder that you really need to have your fortinet firewalls behind a firewall
-
A quick reminder that you really need to have your fortinet firewalls behind a firewall
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.
The Hacker News (thehackernews.com)
@jerry meanwhile I’m at fortinet accelerate this week…
-
A quick reminder that you really need to have your fortinet firewalls behind a firewall
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.
The Hacker News (thehackernews.com)
@jerry Apparently Fortinet is built upon Linux so...apt-get install iptables ?
-
A quick reminder that you really need to have your fortinet firewalls behind a firewall
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.
The Hacker News (thehackernews.com)
@jerry Maybe we should ask them to reconsider the industry they're working in. At this point, they should open a swiss cheese factory, they'd do great!
-
@jerry meanwhile I’m at fortinet accelerate this week…
@jerry following up on the “firewall in front of your fortigate” that’s called local in policies and the authorized hosts list.
But dogshit fly by night MSPs have never heard of that or VPNs, so they just open up the management interface(s) to the internet, slap a “all to internet” firewall policy in there with no inspection and sell it to an unsuspecting accounting firm for hundreds of dollars a month, then call themselves an MSSP.
-
@jerry spectacular. no notes
-
@jerry following up on the “firewall in front of your fortigate” that’s called local in policies and the authorized hosts list.
But dogshit fly by night MSPs have never heard of that or VPNs, so they just open up the management interface(s) to the internet, slap a “all to internet” firewall policy in there with no inspection and sell it to an unsuspecting accounting firm for hundreds of dollars a month, then call themselves an MSSP.
-
A quick reminder that you really need to have your fortinet firewalls behind a firewall
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.
The Hacker News (thehackernews.com)
-
A quick reminder that you really need to have your fortinet firewalls behind a firewall
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.
The Hacker News (thehackernews.com)
Ah yes, good ol' FortiVulnsPerWeek -
Ah yes, good ol' FortiVulnsPerWeekOr as the Slavic sphere would call them, Forti-НЕТ
-
A quick reminder that you really need to have your fortinet firewalls behind a firewall
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.
The Hacker News (thehackernews.com)
fortinet firewalls remind me of my grandmother.
she had slip covers to protect her upholstery, then vinyl covers to protect her slip covers...
she also had cork to protect the wood on her dining room table, custom covers to protect the cork, a table cloth over the covers, plastic to protect the table cloth.
i just get polyurethane finish on the wood table and call it done.
-
A quick reminder that you really need to have your fortinet firewalls behind a firewall
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.
The Hacker News (thehackernews.com)
@jerry Isn't it like that with Chrome 0-days every other week?
-
A quick reminder that you really need to have your fortinet firewalls behind a firewall
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.
The Hacker News (thehackernews.com)
@jerry genuinely considered purchasing a used gateway appliance just to get a picture of it plugged into itself, but people still want significant sums of money for them.
-
@jerry Maybe we should ask them to reconsider the industry they're working in. At this point, they should open a swiss cheese factory, they'd do great!
@SamantazFox Clownflare suddenly considers buying cows...
-
@jerry genuinely considered purchasing a used gateway appliance just to get a picture of it plugged into itself, but people still want significant sums of money for them.
@huronbikes @jerry Would a Fortigate 100D suffice? Mine (got as a free toy with a year's support) has been idle for a few years now.
Other than shipping, it's free. -
R relay@relay.infosec.exchange shared this topic
