Long shot but we have a #fortigate SSL VPN connection with specific DNS servers, we've updated them but the #forticlient isn't picking up the new IPs, any idea what might be up?

For Various reasons, I'm going to work one some certs for my Resume. Got plenty of real life experience, but i do feel i need this.
#CCNA #RHCSA #Fortigate, Maybe some cloud #AWS or #Azure, haven't decided (also: no experience).
First: CCNA.
Tools for the Job #Bearapp for taking notes. Odom's OCG, And probably Neil Anderson's course on udemy, #GNS3 And #Packet tracer, probably #Boson Netsim later on.
I was thinking to blog my journey (#Medium? #Github?) also need to be decided.

#ccnajourney.

https://www.fortiguard.com/psirt/FG-IR-23-183 Critical vulnerability in fortigate v7.x when using deep-packet-inspection for ssl/tls in proxy-based inspection mode (not flowbased inspection) - CVSS 9.8 #infosec #fortigate #vulnerability #fortinet

This one looks horrible:
A stack-based overflow vulnerability [CWE-124] in FortiOS & FortiProxy may allow a remote attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.

FortiOS version 7.2.0 through 7.2.3
FortiOS version 7.0.0 through 7.0.10
FortiProxy version 7.2.0 through 7.2.2
FortiProxy version 7.0.0 through 7.0.9

https://www.fortiguard.com/psirt/FG-IR-23-183

#FortiGate #Vuln #CVSS #ArbExec

Of the total 490,000 public internet-exposed Fortinet FortiOS and FortiProxy SSL-VPNs interfaces scanned by Shodan, 69% are vulnerable to this #vulnerability.

https://hackread.com/rce-vulnerability-fortinet-firewalls-at-risk/

#Security #Fortinet #FortiGate #VPN #cybersecurity

We commend those who have patched their servers
Protecting against this critical flaw
For those who remain unpatched
We urge you not to hesitate
Protect yourselves before it’s too late

#serversecurity #cybersecurity #fortigate #cyberattack #ode #poetry

https://arstechnica.com/security/2023/07/336000-servers-remain-unpatched-against-critical-fortigate-vulnerability/

336,000 #servers remain unpatched against critical #Fortigate #vulnerability https://arstechnica.com/?p=1951654

Glad I upgraded our #Fortigate on Friday instead of waiting until right before patch Tuesday. Pre-auth, MFA bypassing, fuck all zero day RCE. Props to #Fortinet for the quick patch!

Advisory for #Fortigate issue is out: https://www.fortinet.com/blog/psirt-blogs/analysis-of-cve-2023-27997-and-clarifications-on-volt-typhoon-campaign #CVE202327997 #threatintel

#Fortigate #RCE -- Nomen est omen.

Why give a company a name that sounds pretty close to the biggest political scandal in the US in the 1970s?

Probably to make it more robust against all possible #InfoSec fails and scandals.

If you count the critical #CVEs in their products, this obviously worked pretty well.

https://www.bleepingcomputer.com/news/security/fortinet-fixes-critical-rce-flaw-in-fortigate-ssl-vpn-devices-patch-now/

#fortinet #fortigate #cve202327997

Una nuova RCE colpisce Fortinet. Aggiornare il firmware di FortiOS immediatamente

Una ricerca di #Shodan ha rivelato che da Internet è possibile raggiungere oltre 250.000 #firewall #Fortigate e poiché questo #bug riguarda tutte le versioni precedenti, la maggior parte di questi famosi #appliance è probabilmente esposta.

Fortinet ha rilasciato #aggiornamenti del #firmware per i suoi dispositivi Fortigate, affrontando una #vulnerabilità #critica di esecuzione di #codice remoto (#RCE) di pre-autenticazione nei dispositivi SSL VPN.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/una-nuova-rce-colpisce-fortinet-aggiornare-il-firmware-di-fortios-immediatamente/

Upgrade your #Fortigate firewalls that have SSL VPN enabled to the latest release. There is a remotely exploitable, preauth vuln.

Get to FortiOS version 7.2.5, 7.0.12, 6.4.13, 6.2.15, 6.0.17 or above — patches out now.

HT to @log4jmc who caused me to go looking. CVE, disclosure and technical details drop this Tuesday. #threatintel

CVE-2023-25610 : une nouvelle faille critique affecte les firewalls Fortinet https://www.it-connect.fr/cve-2023-25610-une-nouvelle-faille-critique-affecte-les-firewalls-fortinet/ #Fortigate #Sécurité #Fortinet

❗​Critical (9.3 CVSS) CVE dropped for #FortiOS today. I recommend applying mitigations and updating your #FortiGate firewalls ASAP.

FortiGuard PSIRT: https://www.fortiguard.com/psirt/FG-IR-23-001

Best Practices that mitigate this vuln:

• Don't expose your admin interfaces to the internet
• Use non-standard ports for your admin access (not 80/443)
• Configure a Local In policy to limit IP addresses that can reach the admin interface (preferably to a set of jump hosts or Privileged Access Workstations)

got my #FortiGate units and clusters all up to 6.4.12 and with that, I'm off 'til Tuesday *mic drop*

Kolejna krytyczna podatność w produkcie Fortinetu (FortiNAS) – można bez uwierzytelnienia uzyskać uprawnienia roota. Łatajcie się.

Trochę pechowo – podatność RCE zlokalizowano w produkcie FortiNAS („Secure Network Access Control”). No więc w przypadku tej podatności nie było żadnego „access control”, bo bez logowania można uzyskać dostęp roota na urządzeniu: Jak widać, jedyne co jest potrzebne to dostęp sieciowy do urządzenia. PoC / Exploit ma pojawić się...

#WBiegu #Fortigate #Nac #Podatności
https://sekurak.pl/kolejna-krytyczna-podatnosc-w-produkcie-fortinetu-fortinas-mozna-bez-uwierzytelnienia-uzyskac-uprawnienia-roota-latajcie-sie/

FortiOS 7.2.4 with a neat default behavior change:
"For new firewall policies with a deny action, set match-vip is enabled by default. When upgrading from a previous version, existing policy settings for match-vip are preserved." #fortigate #fortios #fortinet

Hello there, @fortireleases. I'll have you running soon.

https://hachyderm.io/fortireleases

#fortinet #fortigate #fortianalyzer

IPsec site-to-site VPN tunnel between Palo Alto Firewall & FortiGate Firewall
#Firewalls #Tunnel #Paloalto #Fortigate #Security #networking #networkengineers #networks #thenetworkdna #networksbaseline
https://www.thenetworkdna.com/2023/01/ipsec-site-to-site-vpn-tunnel-between_29.html