mamot.fr is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mamot.fr is a French-speaking Mastodon server, run by La Quadrature du Net.

#fortinet


CERT.at investigates ransomware attacks via critical Fortinet vulnerabilities (FortiOS, FortiProxy) and recommends urgent forensic investigations of all devices that didn't have FortiOS 7.0.16 installed before 2025-01-27, when the PoC for CVE-2024-55591 was published. Those devices may be compromised despite having been patched later.

Check (German) warning by @CERT_at
cert.at/de/warnungen/2025/3/ra

Long story with Forescout:
forescout.com/blog/new-ransomw

ReliaQuest (ex. Digital Shadows): reliaquest.com/blog/credential

This report examines how VPN vulnerabilities, particularly CVE-2018-13379 and CVE-2022-40684 affecting Fortinet products, remain highly exploited years after disclosure. The analysis reveals a 4,223% increase in cybercriminal forum discussions about Fortinet VPNs since 2018, highlighting their continued relevance in attack campaigns. Threat actors exploit these vulnerabilities primarily through credential theft and gaining administrative control. The report details how cybercriminals and state-sponsored APT groups leverage these vulnerabilities, with 64% of VPN vulnerabilities directly linked to ransomware campaigns. The report also examines a 2025 breach by 'Belsen_Group' that compromised over 15,000 FortiGate devices using CVE-2022-40684. The authors provide detection rules, threat hunting recommendations, and defensive strategies to mitigate these threats, while predicting increased hybrid threats targeting VPN infrastructure and the growing impact of AI on VPN exploitation.

ReliaQuest · Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation - ReliaQuest
Legacy VPN vulnerabilities continue to drive large-scale credential theft and administrative control, now amplified by AI-driven attacks and automation.

Going to start standing up my office infrastructure over the coming weeks. Picked up a FortiGate firewall to start with, hopefully will be pairing it with a FortiAP.

Trying to get hold of a secondhand rack then will be sourcing at least one blade and deciding what sort of storage setup I will go for.

Lots to design and implement while working full time!