Hackers are actively targeting FortiOS vulnerabilities, warn FBI and CISA
The U.S. Federal Bureau of Investigation and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have released a joint cybersecurity advisory warning that hacking groups are actively targeting vulnerabilities in Fortinet Inc.’s FortiOS.
While not naming which hacking groups are targeting the operating system, the April 2 advisory describes them as advanced persistent threat groups, hacking groups that are typically sponsored by nation-states.
The APTs are said to be scanning devices on ports 4443, 8443 and 10443 for three vulnerabilities: CVE-2018-13379, a vulnerability that allows an unauthenticated attacker to download system files through SSL VPN; CVE-2020-12812, also an improper authentication vulnerability in SSL VPN in FortiOS; and CVE-2019-5591, a default configuration vulnerability that allows an attacker to intercept sens
Microsoft Corp.’s Security Response Center today concluded its internal investigation into the SolarWinds Worldwide LLC breach, finding that although some source code was downloaded, there was no evidence hackers had abused internal systems or products to attack its users.
Reports that Microsoft had been a possible victim of the SolarWinds hack first emerged Dec. 17 with the suggestion that the hackers had breached the company and then used Microsoft’s products in follow-on attacks against others. The report was denied by Microsoft President Brad Smith at the time, but to the company’s credit it then launched a full internal investigation into anything to do with SolarWinds and the hackers involved.