Experts Commenting On Hacker Posts Exploits For Over 49,000 Vulnerable Fortinet VPNs

It was reported today that a hacker has posted a list of one-line exploits to steal VPN credentials from almost 50,000 Fortinet VPN devices. Present on the list of vulnerable targets are domains belonging to high street banks and government organizations from around the world.

David Kennefick, Solutions Architect
InfoSec Expert
November 24, 2020 11:16 am

This vulnerability has been a known issue for nearly two years now. The list that this hacker has posted is not exhaustive; there may be many more organisations that have the same issues that are not included in the exploit dump.

This year, ransomware has been rampant all over the globe, and this exploit is just another way for attackers to deliver their payloads. This is a one-line exploit, which means the attack is fairly simple to run, and any susceptible systems should be addressed, patched or taken offline immediately.

Organisations need to implement and enforce strong patching policies. This needs to be coupled with strong asset management so it is understood exactly what needs to be patched and where the technology resides.

Information Security Buzz