A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa.
The race to plug network holes before attackers use them is running system managers ragged -- so they're throwing up more barriers to stop intruders.
In recent years, the common wisdom has been that keeping up to date on software patches is key to safeguarding a company's networks against viruses, worms and other pests. But with dozens of flaws being discovered each week, that approach has turned out to be a Herculean task.
Firestarter is a GPL-licensed graphical firewall configuration program for iptables, the powerful firewall included in Linux kernels 2.4 and 2.6. Firestarter supports network address translation for sharing an Internet connection among multiple computers, and port forwarding for redirecting traffic to an internal workstation. Firestarter's clean, easy-to-use graphical user interface takes the time out of setting up a custom firewall.
If you're reading this on a Windows machine and you don't know if you have a personal firewall installed and running, then stop what you're doing and take care of that right now. At the very least, turn on the Windows firewall. This feature is available in the PC control panel, and enabling it only takes a few seconds. You can come back and read this once you've done that. I'll wait.
AT&T has announced that it has added worm and virus protection to its Internet Protect service network-based firewall that lets businesses protect themselves from a variety of threats without having to deploy firewalls at each of their locations. . . .
A DMZ (Demilitarized Zone) is a combination of firewalls -- a perimeter network segment logically between internal and external networks. Also called a "screened subnet," its purpose is to enforce the internal network's IA policy for external information exchange and to provide external, untrusted sources with restricted access to releasable information while shielding internal networks from outside attacks. . . .
We recently had a situation in which one of our servers was accessed by someone from another building/floor who had no need to get into the system. Part of the problem was that someone left their username/password out in plain sight; that problem has been fixed. . . .