In this episode of What You Should Know we look at authentication bypass in security edge appliances. Attackers are increasingly targeting edge devices to gain initial access to victim environments, with 2024 seeing the largest ever year-on-year rise in incidents that resulted in an impact. Using CVE-2024-55591, an authentication bypass vulnerability affecting FortiOS and FortiProxy as a case study, we’ll explore analysis by Arctic wolf that monitored threat actors who used this weakness to gain super-admin access to Fortinet’s next-generation firewall. With this course, you’ll understand what this vulnerability means to you, what indicators of compromise to look for in your environment, and the steps you need to take to mitigate your organization’s exposure.
Overview
In this episode of What You Should Know we look at authentication bypass in security edge appliances. Attackers are increasingly targeting edge devices to gain initial access to victim environments, with 2024 seeing the largest ever year-on-year rise in incidents that resulted in an impact. Using CVE-2024-55591, an authentication bypass vulnerability affecting FortiOS and FortiProxy as a case study, we’ll explore analysis by Arctic wolf that monitored threat actors who used this weakness to gain super-admin access to Fortinet’s next-generation firewall. With this course, you’ll understand what this vulnerability means to you, what indicators of compromise to look for in your environment, and the steps you need to take to mitigate your organization’s exposure.
Taught by
Matthew Lloyd Davies
Related Courses
-
CVE-2024-0012 Palo Alto PAN-OS Authentication Bypass: What You Should Know
-
CVE-2024-43639 RCE Vulnerability in Windows Kerberos: What You Should Know
-
Ivanti Connect Secure VPN Vulnerability: What You Should Know
-
Windows TCP/IP Remote Code Execution Vulnerability: What You Should Know
-
CVE-2024-43491 Windows Update Remote Code Execution: What You Should Know
-
OpenPrinting CUPS Remote Code Execution Exploit Chain: What You Should Know
