[GTALUG] Cert Advisory FortiOS APT
D. Hugh Redelmeier
hugh at mimosa.com
Wed Apr 7 10:03:27 EDT 2021
| From: Russell Reiter via talk <talk at gtalug.org>
|
| The advisory says even if your org doesn't use the os you should apply
| mitigations.
|
| https://siliconangle.com/2021/04/04/hackers-actively-targeting-fortios-vulnerabilities-warn-fbi-cisa/

I was not aware of FortiOS. I found that it is "the Heart of the Fortinet
Security Fabric" which doesn't help me. I conclude: I don't care.

The advisory that lists mitigations:
<https://www.ic3.gov/Media/News/2021/210402.pdf>

It seems to say

1) if you run FortiOS, you may have a few problems

2) even if you don't run it, you should "add key artifact files used by
   FortiOS to your organization’s execution denylist." [I don't have an
   execution denylist.]

3) the usual Good Things, none specific to this vulnerability.

Nothing struck me as interesting. Is there something I'm missing?