WatchGuard announces Dark Web Scan Feature

WatchGuard announced in the last days a new feature called Dark Web Scan. The feature is hosted in the WatchGuard cloud. With this new tool, you can perform searches based on email addresses and domain names to see which accounts have been exposed on the dark web during known data breaches.

Here are some screenshots from my test:

You can find the Dark Web Scan in your WatchGuard Cloud account under Administration –> Dark Web Scan
„WatchGuard announces Dark Web Scan Feature“ weiterlesen

WatchGuard Fireware Features pro Version

Sicherlich haben Sie sich schon gefragt, wann welches Feature in welchem Fireware Release eingeführt wurde. Da sich dies nur mühsam per Release Notes oder Dokumentation rausfinden lässt, hat WatchGuard für ihre Features einen KB Artikel mit einer Feature Liste pro Version erstellt:

New Firebox features by Fireware version
https://watchguardsupport.secure.force.com/publicKB?type=Article&SFDCID=kA10H000000boxYSAQ&lang=en_US

Menlo Security Prevents Zero-Day Threat on Internet Explorer

The still-active Zero-Day Exploit threatens the frequently vulnerable JavaScript Engine

Customers of Menlo Security using Internet Explorer (IE) are protected against a recent and still-active zero-day exploit using Internet Explorer, as outlined by Microsoft’s security update CVE-2020-1380.

The remote code execution vulnerability allows an attacker to take advantage of how the engine handles memory and to force corruption.

„Menlo Security Prevents Zero-Day Threat on Internet Explorer“ weiterlesen

Fortigate VM Azure: IPsec performance issue

Based on two recent support cases regarding the IPsec performance between an OnPrem and Azure FortiGate, we did some testing using the latest FortiOS 6.4.1.

We’ve created a basic IPsec tunnel using the wizard, deployed an Ubuntu machine at both sites and used iPerf3 to do some speed testing. The results were nowhere near the expected numbers, while sending from Azure to OnPrem (~250Mbit/s) was a bit faster than reverse (~120Mbit/s).

„Fortigate VM Azure: IPsec performance issue“ weiterlesen

 726 total views,  6 views today

Upgrade your FortiMail now!

There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article.

The problem here is not only the unauthorized access to the system, but also the change of the password of all configured administrative accounts. Also, the maintainer functionality to reset the administrator password over a serial console of the FortiMail is being disabled from the attacker.

„Upgrade your FortiMail now!“ weiterlesen

 711 total views,  1 views today