Article 5G46D Feds say hackers are likely exploiting critical Fortinet VPN vulnerabilities

Feds say hackers are likely exploiting critical Fortinet VPN vulnerabilities

by
Dan Goodin
from Ars Technica - All content on (#5G46D)
evil-packet-800x480.jpg

Enlarge (credit: Getty Images)

The FBI and the Cybersecurity and Infrastructure Security Agency said that advanced hackers are likely exploiting critical vulnerabilities in the Fortinet FortiOS VPN in an attempt to plant a beachhead to breach medium and large-sized businesses in later attacks.

APT actors may use these vulnerabilities or other common exploitation techniques to gain initial access to multiple government, commercial, and technology services," the agencies said Friday in a joint advisory. Gaining initial access pre-positions the APT actors to conduct future attacks." APT is short for advanced persistent threat, a term used to describe well-organized and well-funded hacking groups, many backed by nation states.

Breaching the mote

Fortinet FortiOS SSL VPNs are used mainly in border firewalls, which cordon off sensitive internal networks from the public Internet. Two of the three already-patched vulnerabilities listed in the advisory-CVE-2018-13379 and CVE-2020-12812-are particularly severe because they make it possible for unauthenticated hackers to steal credentials and connect to VPNs that have yet to be updated.

Read 6 remaining paragraphs | Comments

index?i=_pQLvhniM0A:Jy7QLECpdLg:V_sGLiPB index?i=_pQLvhniM0A:Jy7QLECpdLg:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments