June 17, 2021

Volume XI, Number 168

Advertisement

June 16, 2021

Subscribe to Latest Legal News and Analysis

June 15, 2021

Subscribe to Latest Legal News and Analysis

June 14, 2021

Subscribe to Latest Legal News and Analysis

FBI Issues Flash Alert to Users of Fortinet Fortigate

The FBI recently issued a Flash Alert to Fortinet Fortigate users that Advanced Persistent Threat (APT) groups are continuing to exploit devices that have not been patched. Although Fortinet issued patches for these vulnerabilities in 2018, 2019, and 2020, many organizations have not applied the patches.

The exploitations are random,  not against specific industries or sectors, and seem to be focused on just targeting unpatched devices. According to a Joint CISA and FBI alert issued in April 2021, the vulnerabilities could be used by threat actors to exfiltrate data, encrypt data, and stage for additional attacks.

Not patching vulnerabilities in software that is actively being used by your organization is giving threat actors easy access to valuable data, akin to not locking your door and allowing a burglar to enter and steal all your valuables. These are not new vulnerabilities nor are they new patches. Check with your IT professionals to confirm that these patches have been applied.

Copyright © 2021 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XI, Number 161
Advertisement
Advertisement
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement
Advertisement

About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence
Partner

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...

401-709-3353
Advertisement
Advertisement