Salta al contenuto principale

mastodon - Collegamento all'originale
Which firewall vendor will disclose critical vulnerabilities in time to ruin Christmas for many? and why is it probably Fortinet?
Questa voce Γ¨ stata modificata (1 mese fa)
in reply to Jerry πŸ¦™πŸ’πŸ¦™

Jerry πŸ¦™πŸ’πŸ¦™
mastodon - Collegamento all'originale
Jerry πŸ¦™πŸ’πŸ¦™

RE: infosec.exchange/@jerry/115735…

Back when I was important, I saw the common trend of incidents being reported on Fridays or right before holiday breaks. I started asking the reporters (while thanking them) "why did you report it when you did?" and the response was consistent: "I knew this was important and I didn't want it to sit over the weekend/holiday without anyone knowing about it".

I suspect there may be a similar situation with discovered vulnerabilities.

Jerry πŸ¦™πŸ’πŸ¦™

2025-12-17 15:01:51

mastodon - Collegamento all'originale

Which firewall vendor will disclose critical vulnerabilities in time to ruin Christmas for many? and why is it probably Fortinet?

in reply to Jerry πŸ¦™πŸ’πŸ¦™

royal
mastodon - Collegamento all'originale
royal
My support roles always saw a spike in tickets just before lunchtime, and just before close of business. I always thought people had a list of things to get done before noon, and another list to get done before they leave for the day.
in reply to Jerry πŸ¦™πŸ’πŸ¦™

K.C. Budd
mastodon - Collegamento all'originale
K.C. Budd

I had a long discussion with a (MD of psychology) friend years ago about the "last chance" urgency effect on our brains. Essentially the same phenomenon that is believed to cause a squirrel to think "AHHH, RUN NOW" at the worst possible moment when a car is approaching.

I wonder if some of the same basal survival instinct wiring is responsible for this phenomenon. πŸ˜›

in reply to K.C. Budd

Jerry πŸ¦™πŸ’πŸ¦™
mastodon - Collegamento all'originale
Jerry πŸ¦™πŸ’πŸ¦™
@phreakmonkey perhaps. though I gather that these people thought they were actually being helpful and not doing it out of self preservation. Maybe that is there at some level, though, and the layers of cognition just build a cover story
@K.C. Budd
in reply to Jerry πŸ¦™πŸ’πŸ¦™

Daniel Blake
mastodon - Collegamento all'originale
Daniel Blake
@phreakmonkey Well it seems plausible, and it’s a good answer... They (the reporter/s) get hold of the story, they try to dig deeper, work on verifying… this of course being the workng week. By the end of the week, if they feel it is important enough, they - being known to be so altruistic - don’t want to β€œsit” on it... or much more likely, they are worried someone else might scoop them.
@K.C. Budd
in reply to Jerry πŸ¦™πŸ’πŸ¦™

Pauliehedron βœ…
mastodon - Collegamento all'originale
Pauliehedron βœ…
I'm voting ASA/Firepower. Because Forti at least forces upgrades these days, Cisco it's been a year so they due for some hard coded creds to appear.
in reply to Pauliehedron βœ…

Pauliehedron βœ…
mastodon - Collegamento all'originale
Pauliehedron βœ…
So I'm batting .200, it was Ironport on the Cisco side, and then also Sonicwall Management. But it's only hump day, we still got some time till push to prod day.
in reply to Jerry πŸ¦™πŸ’πŸ¦™

Pauliehedron βœ…
mastodon - Collegamento all'originale
Pauliehedron βœ…

We're getting there! Something this way comes...

infosec.exchange/@BleepingComp…

BleepingComputer (@BleepingComputer@infosec.exchange)

An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed onΒ Palo Alto Networks GlobalProtect and Cisco SSL VPN. https://www.bleepingcomputer.
BleepingComputer (Infosec Exchange)
in reply to Pauliehedron βœ…

Pauliehedron βœ…
mastodon - Collegamento all'originale
Pauliehedron βœ…

Son of a biscuit

infosec.exchange/@BleepingComp…

BleepingComputer (@BleepingComputer@infosec.exchange)

Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability. https://www.bleepingcomputer.
BleepingComputer (Infosec Exchange)
in reply to Jerry πŸ¦™πŸ’πŸ¦™

Pauliehedron βœ…
mastodon - Collegamento all'originale
Pauliehedron βœ…

We have a new contender!

mastodon.social/@cisakevtracke…

CISA KEV Tracker (@cisakevtracker@mastodon.social)

CVE ID: CVE-2025-14733 Vendor: WatchGuard Product: Firebox Date Added: 2025-12-19 Notes: Check for signs of potential compromise on all internet accessible instances after applying mitigations. For more information please see: https://www.watchguard.
CISA KEV Tracker (Mastodon)
in reply to Jerry πŸ¦™πŸ’πŸ¦™

kwayk42
mastodon - Collegamento all'originale
kwayk42

Cloudflare : *stands in the corner looking nervous*

Also Cloudflare : We... We don't count as a firewall, right?

#FuckCloudflare

#fuckcloudflare
Unknown parent

Jerry πŸ¦™πŸ’πŸ¦™
mastodon - Collegamento all'originale
Jerry πŸ¦™πŸ’πŸ¦™
don't worry - they've had their best developers working hard to create some new vulnerabilities for people to discover
in reply to Jerry πŸ¦™πŸ’πŸ¦™

considerate
mastodon - Collegamento all'originale
considerate
the Grinch is the APT behind all of these. We've been downplaying his capabilities for too long.

Questo sito web utilizza cookie tecnici e di sessione. Proseguendo la navigazione su questo sito, accetti l'utilizzo dei cookie.

⇧