Site icon The Cybersecurity Daily News

Fortinet Still Targeted By APTs; FBI Alert


CyberDaily: Cybersecurity news-

The FBI has newly issued a flash alert wherein it has been noted that APT( Advanced Persistent Threat) groups are still exploiting vulnerable Fortinet products that have unpatched security flaws.

FBI’s critical alert for Fortinet:

A noteworthy example of this is when an APT group recently exploited a Fortinet device to access a web server hosting the domain for a U.S. municipal government.

According to the FBI, the APT group created an account with a phony username under ‘elie’ to supplement and enable malicious activity in the US municipal government network

Formerly, the FBI issued a warning about three vulnerabilities in the Fortinet operating system, called FortiOS. 

The FBI notes that the APT groups are ardently targeting “a broad range of victims across multiple sectors, indicating the activity is focused on exploiting vulnerabilities rather than targeted at specific sectors.”

In its flash alert, the FBI has prompted users of vulnerable Fortinet products to immediately patch the flaws to prevent attacks.

Also read,

Fortinet’s FortiOS security flaws:

According to the FBI, the three Fortinet FortiOS vulnerabilities that are still being exploited are:

The FBI offered risk mitigation steps for Fortinet users that, beyond patching, include:

According to Fortinet, the three vulnerabilities had been resolved and issued patches for by the organization between August 2019 and July 2020, and patches were issued.

Exit mobile version