![]() Fortinet immediately issued a PSIRT advisory and communicated directly with customers and via corporate blog posts on multiple occasions in August 2019, July 2020, and again in April 2021 strongly recommending an upgrade," a Fortinet spokesperson told ZDNet. ![]() For example, CVE-2018-13379 is an old vulnerability resolved in May 2019. "The security of our customers is our first priority. SEE: Ransomware: Why we're now facing a perfect storm The NCSC recommends that all Fortinet VPN users check whether the 2019 updates have been installed, and if they haven't to apply them immediately to prevent cyber attackers from exploiting the vulnerability. "This recent activity emphasises the importance of NCSC advice to install security updates as soon as is practicable following their release to ensure action is taken before exploitation is observed," said the alert. That includes removing the device from service and returning it to factory settings, as well as investigating the network for suspicious or unexpected activity. In fact, the NCSC has warned that organisations using unpatched Fortinet VPN devices must assume they are now compromised, and should begin incident management procedures. SEE: The best free VPNs: Why they don't existįortinet issued a critical security update to counter the security vulnerability after it was discovered in 2019, but almost two years later a significant number of organisations have yet to apply the patch to their enterprise network, leaving them vulnerable to cyberattacks.Ĭyber criminals have published a list of almost 50,000 IP addresses relating to unpatched devices the NCSC warns that 600 of these are in the UK and that the organisations running them are "at very high risk of exploitation". The NCSC – along with CISA and the FBI – has also warned that Advanced Persistent Threat (APT) nation-state hacking groups are still actively scanning for unpatched CVE-2018-13379 vulnerabilities as a means of gaining access to networks for cyber-espionage campaigns. ![]() ![]() Ukrainian developers share stories from the war zoneĮvery remote worker should consider a virtual private network to stay safe online. The best Wi-Fi router for your home office 3G shutdown is underway: Check your devices now ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |