Issue: Fortinet, a manufacturer of corporate firewalls, has announced a large vulnerability currently being exploited on their systems that allows for users to bypass multi-factor authentication and gain access to your environment. This vulnerability is several years old, but is still being actively leverage on over 10,000 devices.
Resolution: If you have a Fortinet devices that is current on updates, you should be fine from this vulnerability. However, please confirm that you are currently using the latest version of the Fortinet operating systems and firmware to ensure you are protected.
Risk 2: Medium
Issue: An ongoing, but modified, version of Glassworm (a malware designed to attack cryptocurrency wallets through the use of browser-based extensions) has been increasing in its attack radius. These worms attach themselves to your crypto wallets and syphon your crypto assets. The current line of attacks focus on Apple devices.
Resolution: The most important thing some one can do to avoid this risk is utilize a corporate security suite that scans for malware and viruses.
More so, it is important that wallet holders know and recognize the origins of the browser extensions they download and use. The crypto-market tends to be slightly more aggressive with trying new tools and applications; as such, they need to be just as aggressive on deploying new security measures.
Risk 3: High
Issue: ClickFix attacks have been modified yet again to target unsuspecting users. ClickFix is a social engineering method used to scare or entice people into clicking for help or support and, in return, downloading malicious software. The latest version, ErrTraffic, installs on a webserver and makes the website appear to have a ‘glitch’ or error and displays a pop-up enticing the user to try and correct the problem. Clicking the link downloads malware onto the users’ machines.
Resolution: While a security suite may detect and, hopefully, stop the malware upon download, the best way to stop these types of attacks is through user education and limiting web usage on the machines containing or with access to PII as much as possible.
The usage of ClickFix is growing so ongoing education is important.
Risk 4: Warning
Issue: Google is starting the process of allowing users to change their gmail e-mail accounts. As a result, people you typically contact or from whom you receive communications may adjust their e-mail address. This may create a problem for many spam and filtering software, as well as many inbox rules you may have.
Resolution: This is just a warning to be prepared for this transition as it may cause havoc on some of your systems.
Announced Data Breaches
Unleash Protocol
European Space Agency
Oltenia Energy Complex
Korean Air
Rainbox Six Siege (game)
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants. InCite members receive a 30% discount.
Financial Guardians has partnered with the California Society of Tax Consultants to provide a 30% access discount as well as many other offers. More info can be found at www.cstcsociety.org
Great roundup on the Fortinet issue. The multi-year lag between vulnerability discovery and patching on firewall firmware is such a persistent problem, especially in smaller orgs where no one's really owning device lifecycle. I've seen similar delays with network gear where teams assume "it's working fine" without checking patch cadence. The Glassworm browser extension angle is also worht noting, crypto users tend to move fast on new tools but lag on basic hygeine like extension audits.
Great roundup on the Fortinet issue. The multi-year lag between vulnerability discovery and patching on firewall firmware is such a persistent problem, especially in smaller orgs where no one's really owning device lifecycle. I've seen similar delays with network gear where teams assume "it's working fine" without checking patch cadence. The Glassworm browser extension angle is also worht noting, crypto users tend to move fast on new tools but lag on basic hygeine like extension audits.