Tech Blog
Fortinet Security Advisory – Critical Authentication Bypass in FortiOS
Today Fortinet announced a critical authentication bypass in its FortiGate products that could lead to administrator access. This vulnerability, CVE-2022-40684, has been patched and admins are advised to upgrade or implement workaround safeguards immediately. The...
Why do I need to maintain a firewall subscription?
You might think it strange to start an article about firewall subscriptions by first talking about cars, but I promise this is perfectly relevant! If we went car shopping in the 1970s, today's consumer would notice the vast difference of safety features in vehicles...
Goodbye Antivirus, Hello EDR!
For as long as we can remember, having antivirus (AV) software installed and updated was an important aspect of a healthy cyber security posture. However as threats have evolved, the tools that thwart attacks must evolve, and this includes antivirus. Threats are no...
Link Lock Phishing Protection
91% of cyber attacks begin with a phishing email. Phishing remains the most common and successful way for hackers to get their foot in the door before infecting an organization with malware. Often, those phishing emails contain counterfeit links that will lead a...
Hackers targeting HR with direct deposit change requests
Phishing is a cybersecurity attack where the perpetrator pretends to be a trusted source through an email. The thief may masquerade as your bank or your favorite place to shop and try to trick you into entering your username and password into their fake sites. ...
New zero-day threat – Log4j
On Friday, a vulnerability called "Log4j" that effects a large variety of consumer and business applications was revealed. This threat effects a tool that many closed and open-source applications use for logging purposes. This vulnerability is rated at 10, which is...
Thoughts on the Cisco ENCOR 350-401 Exam
Recently I passed the Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) exam. Wow what a mouthful! With the current generation of Cisco certs, the ENCOR exam is the first step in the CCNP certification path. Having gone through the old...
Recent regional and cloud outages
Within the past several weeks we've witnessed an unusually high number of outages that have impacted our clients in WNC. Some have been weather related and others due to system issues, but the end result is that businesses can't reach their necessary services! August...
Thoughts on the Fortinet NSE7 SD-WAN certification
I just passed the Fortinet NSE7 SD-WAN certification! I prepared by using the self-paced training courses on the Fortinet Training Institute (FTI). As with all material currently on the FTI, the courses are prewritten scripts read by voiceover talent. This is as dry...
Fortigate – DoS policy on WAN blocking VPN traffic
Applying a DoS policy on a WAN interface is a good practice that will help prevent flooding or abusive behavior from the internet. However, there is an undesired side-effect of choosing a WAN interface as the source for a DoS policy: If there are any VPN tunnels...