Using FortiGate VPN?
Do this: Make sure to replace the default self-signed SSL certificate.
Why: "Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle (MitM) attacks, according to researchers, where threat actors could intercept important data." Note that Fortinet does not consider this as a vulnerability as they provide warnings during setup to replace the built-in certificate.
Additional Info: https://threatpost.com/fortigate-vpn-default-config-mitm-attacks/159586/
Worried About the Windows Source Code Leak?
Do this: Worry a little less, focus on creating an exceptional patching process in your organization.
Why: Source code for multiple end-of-life operating systems in the Windows and MS-DOS families have been made available online. But this isn’t the first time and probably won’t be the last.
Additional Info: Matt dives in deeper on our blog.
Send Us Your Comments
What did you think of this article? Send us a note to let us know what you liked, would like to see more of, or what we can do better. And don't be surprised if we reach back out with a small 'thank you' gift for your feedback.