A weekly recap of pertinent security events you need to be aware of and can read in 7 seconds (or so...)
Using Fortinet's FortiWeb?
Do this: Disable the FortiWeb device’s management interface from untrusted networks, especially the internet. FortiNet has not released a patch as of yet.
Why: "An unpatched OS command-injection security vulnerability has been disclosed in Fortinet’s web application firewall (WAF) platform, known as FortiWeb. It could allow privilege escalation and full device takeover, researchers said."
Additional Info: https://threatpost.com/unpatched-fortinet-bug-firewall-takeovers/168764/
Do this: Apply the latest Microsoft updates.
Why: The U.S. Cybersecurity and Infrastructure Security Agency is warning of active Microsoft Exchange exploitation attempts that leverage the latest ProxyShell vulnerabilities patched earlier this year. If successfully exploited, attackers are able to bypass ACL controls, elevate privileges, and issue remote commands.
Additional Info: https://thehackernews.com/2021/08/microsoft-exchange-under-attack-with.html
About the Author
Matt Barnett, CISSP, GFCA
Chief Strategist & Cofounder
After years in IT, performing network and system administration, software development, and architecting cloud migrations, Matt began to focus his efforts in cybersecurity. Matt draws on his technical competency and law enforcement background to assist clients, in both proactive and incident response capacities. In addition, Matt has developed an arsenal of applications, strategies, policies, and procedures to assist clients in achieving better cybersecurity.