It was reported today that a hacker has posted a list of one-line exploits to steal VPN credentials from almost 50,000 Fortinet VPN devices. Present on the list of vulnerable targets are domains belonging to high street banks and government organizations from around the world.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
This vulnerability has been a known issue for nearly two years now. The list that this hacker has posted is not exhaustive, there may be many more organisations that have the same issues that are not included in the exploit dump.
This year, ransomware has been rampant all over the globe, and this exploit is just another way for attackers to deliver their payloads. This is a one-line exploit, which means the attack is fairly simple to run, and any susceptible systems should be addressed, patched or taken offline immediately.
Organisation need to implement and enforce strong patching policies. This needs to be coupled with strong asset management so it is understood exactly what needs to be patched and where the technology resides.