Fortinet revealed that threat actors effectively exploited three vulnerabilities in FortiGate and FortiOS appliances, despite these flaws being previously addressed. The attacks utilized symlinks, allowing unauthorized access to critical system configuration files. Fortinet has provided mitigations and urged customers to either patch their systems or disable SSL-VPN to prevent exploitation. Industry experts indicate that this incident reflects a disturbing trend where attackers develop sustaining methods to maintain access even after organizations attempt to secure their systems, asserting that conventional security measures may no longer be sufficient.
Fortinet has admitted that attackers exploited three previously thought-fixed vulnerabilities, highlighting a troubling trend of persistent access strategies in cybersecurity.
An unidentified threat actor created a symlink granting read-only access to crucial system resources, demonstrating a sophisticated method of bypassing security.
Collection
[
|
...
]