Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations
Why This Matters Now: In December 2023, a series of automated attacks exploited vulnerabilities in FortiCloud Single Sign-On (SSO) to alter firewall configurations. These attacks compromised the security of numerous organizations, underscoring the importance of robust identity and access management (IAM) practices. If you rely on FortiCloud SSO for managing access to your FortiGate firewalls, this post provides actionable steps to mitigate risks. 🚨 Breaking: Automated attacks exploiting FortiCloud SSO to alter FortiGate firewall configurations have been reported. Immediate action is required to secure your infrastructure. 100+Organizations Affected 24hrsTime to Respond Understanding the Attack Vector Vulnerability Overview The attacks leveraged weaknesses in the FortiCloud SSO implementation to gain unauthorized access to FortiGate firewall configurations. Attackers used automated scripts to exploit these vulnerabilities, allowing them to modify firewall rules and settings without proper authorization. ...