Maximize your protection, eliminate business risks.
Optimize and modernize with cloud transformation.
Empower your people to work securely from anywhere.
Let us handle IT so you can focus on growing your business.
Get multichannel 24/7/365 expert end-user support.
Stay ahead of attacks with 24/7 protection and monitoring.
Maximize uptime with with industry-leading DRaaS.
Improve efficiency, productivity and outcomes with cloud.
Ensure all mobile devices, everywhere, are secure.
Gain a competitive edge with strategic IT solutions.
This battle-tested checklist enables your team to swiftly initiate a ransomware response.
IT for businesses of all sizes, in any industry.
Empower institution growth with custom IT solutions.
Ensure your firm is always in compliance.
Improve patient care and staff morale.
Deal with pressing legal matters, not IT.
Keep up with the evolving digital landscape.
Focus on your mission by outsourcing IT.
Accelerate PE client deals and secure data.
Leverage your technology as a strategic asset.
Execute initiatives and develop IT strategies.
Get the latest industry insights and trends.
Join us at events in person and online.
Hear from clients and learn more about strategic IT.
See how Dataprise can make IT your greatest asset.
Get informative technical resources from IT experts.
Stay on stop of emerging cybersecurity threats.
Discover the key areas of DR your organization needs to address to ensure downtime is minimized.
Gain a strategic asset by bringing harmony to IT.
Ensure 24/7 support and security with dedicated teams.
Drive business forward by partnering with Dataprise.
Meet our one-of-a-kind leadership team.
Discover the recognition Dataprise has earned.
Help us help businesses with strategic IT.
Embracing different perspectives and backgrounds.
Find a Dataprise location near you.
Dataprise is committed to empowering more women to consider a career in technology.
Posts
By: Dataprise
Table of content
In 2019, FortiGate firewalls had a zero-day vulnerability that was exploited globally, allowing attackers to harvest user VPN credentials, usernames and passwords, remotely. This vulnerability has been addressed and patched by Fortinet in 2019, however, recently, a database of more than 87,000 FortiGate SSL VPN credentials harvested in 2019 has been leaked to the Internet. Researchers have noted that while some of the credentials will no longer work, there are some that still do.
The vulnerability associated with the attack from 2019 has been patched and closed, however the risk of compromise still exists if user accounts have not had their passwords reset since 2019. Dataprise recommends forcing a reset of any user password that has not been changed in the last 365 days and enforcing Multifactor Authentication (MFA) to prevent exploitation of a compromised account.
Of the 87,000 exploited FortiGate devices belonging to a total of 22,500 companies, 2,959 of the organizations exploited are US-based companies.
Credentials harvested during this attack could still be used to log into a FortiGate VPN if the credentials have not been changed since the 2019 vulnerability was patched.
FortiWeb 6.3.0 through 6.3.7 and versions earlier than 6.2.4.
If you have not patched your FortiOS to the above versions, or higher, you should completely disable the web-management interface until patching has been completed and verified. At a minimum, narrow down the exposure of the web interface to specific IP addresses and/or internal networks only.
While impractical, at this point Fortinet recommends users to disable all VPNs until the remediation steps below are completed:
INSIGHTS
Subscribe to our blog to learn about the latest IT trends and technology best practices.