Fortinet Technical Tips
- von kamanDescription This article provides a solution for the issue where, despite importing the Fortinet_GUI_Server certificate into the Windows Trusted Root CA store, the FortiGate login page still displays a […]
- von dingjerry_FTNTDescription This article describes how to display images on the a Web Filter Block page. Scope FortiGate. Solution Images can be added to the Web Filter Block Replacement Message with […]
- von dkochharDescription This article describes how to block ICMP timestamps and replies for internal traffic that originates from behind the FortiGate. Scope FortiGate. Solution This article demonstrates an example of how […]
- von princesDescription This article describes the behavior of IPsec tunnels in transport mode. Scope All FortiGate. Solution The IPsec tunnel default configuration will ask the local and remote subnets to allow […]
- von rmreddyDescription This article describes how to move the authentication rule to the top and the bottom in SSL VPN. Scope FortiGate. Solution To view authentication rules, it is necessary to […]
- von Matt_BDescription This article discusses FortiOS behavior when applying administrative lockout after multiple invalid API keys are seen from the same IP address. In particular, this article notes the increasing lockout […]
- von ojacintoDescription This article describes the behavior by design for allowed existing sessions after the ZTNA tag is removed on FortiGate and how to block the traffic once the ZTNA tag […]
- von majid23Description This article describes that to integrate FortiSwitch with FortiGate and FortiNAC, syslog logs might not be properly transmitted from FortiGate to FortiNAC. This can result in missing MAC address […]
- von smaccoDescription This article describes how to prevent activation loops when using a connection type like PPPoE or similar, where the license activation fails due to additional headers introduced by this […]
- von WallersonDescription This article describes what happens when changing the 'hif-queue-customize' parameter in an HA environment. Scope FortiGate NP7 models. Solution Changing 'hif-queue-customize' requires a reboot to take effect. In an […]
Fortinet Firmware Updates
- FortiNAC-F 7.6.1 B0681 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiClientMac 7.0.14 B0453 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiClient 7.0.14 B0585 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiNDR 7.2.4 B0410 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiProxy 7.6.1 B1532 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiAnalyzer-BigData 7.2.9 B0683 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiOS 7.6.1 B3457 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiSwitch 7.4.5 B0880 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiWeb 7.6.1 B1010 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiSwitch 7.2.9 B0517 and release notes are available for download from the Support site : https://support.fortinet.com
Fortinet Thread Blog
- Fortinet contributes to major INTERPOL and AFRIPOL cybercrime operations arrests of members of cybercrime groups operating across Africa. These individuals specialize in ransomware, digital extortion, online scams, and Business Email […]
- FortiGuard Labs has uncovered an attack targeting companies in Taiwan with SmokeLoader, which performs its attack with plugins this time. Learn more.
- Interlock is a recent ransomware variant that has victimized organizations in the United States and Italy, but may have hit other countries. The ransomware affects not only Windows, but also […]
- Black Friday and Holiday Shopping Threats Targeting Shoppers on the Darknet. Learn more.
- From more sophisticated playbooks to a rise in cloud attacks, cybercriminals are upping the ante to execute more targeted and harmful activities. Learn more.
- See how threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious acts.
- FortiGuard Labs reveals a threat actor spreads Winos4.0, infiltrating gaming apps and targeting the education sector. Learn more.
- A case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). This incident is a prime example of how threat actors chain zero-day […]
- When the GeoServer vulnerability CVE-2024-36401 emerged, the FortiGuard Labs gathered related intelligence. This blog highlights the threat actors and how they exploit and use the vulnerability.
- FortiGuard Labs has uncovered a fresh threat – Emansrepo stealer, which is distributed via multiple attack chains for months. Learn more.
Cert Bund News
- Ein anonymer Angreifer kann mehrere Schwachstellen in Bouncy Castle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder einen DNS-Poisoning-Angriff durchzuführen.
- Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.
- Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
- Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder einen unspezifischen Angriff durchzuführen.
- Ein Angreifer aus einem angrenzenden Netzwerk kann eine Schwachstelle in TianoCore EDK2 ausnutzen, um einen Denial of Service Angriff durchzuführen.
- Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in GNOME in den libsoup und glib Bibliotheken ausnutzen, um Daten zu manipulieren, um einen Denial of Service Zustand herbeizuführen und um nicht […]
- Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um Informationen offenzulegen oder einen Denial-of-Service-Zustand zu erzeugen.
- Ein entfernter Angreifer kann mehrere Schwachstellen in SonicWall SMA ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.
- Ein lokaler Angreifer kann eine Schwachstelle in Checkmk ausnutzen, um Informationen offenzulegen.
- Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in CyberPanel ausnutzen, um einen Denial of Service Angriff durchzuführen.
Microsoft Exchange Team Blog
RSS-Fehler: A feed could not be found at `https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=6850040437866647932&board=Exchange&size=25`; the status code is `404` and content-type is `text/html; charset=utf-8`
MSXFAQ Newsfeed
- 05. Dez 24 PTP – Precision Time Protocol – Windows 10/11/2019+ können ihre Zeit auch per PTP statt NTP erhalten. Dennoch kein Grund zu wechseln
- 03. Dez 24 Dynamische Verteiler und Exchange Hybrid – Nutzen sie dynamische Verteilerlisten? dann sollten Sie die Probleme mit ADSync, Migration und Mailrouting kennen
- 03. Dez 24 Kernelzeit / PrivilegedProcessorTime – Was bedeuten hohe CPU-Last durch Kernelzeiten und wie kann ich Sie analysieren
- 30. Nov 24 E-Mail Bombing – Angriff, Verschleierung oder was steckt hinter Massenmails auf ein Postfach?
- 29. Nov 24 Externe Member, Gast, Kontakt – Einsatzbereiche und Konflikte mit Identitäten
- 27. Nov 24 Updates für Exchange 2019/2016 Nov 24 Security Update v2 rereleased
- 23. Nov 24 ARC mit Exchange Online – Exchange Online unterstützt SPF, DKIM, DMARC und ARC – Was bedeuten die Header und die Einstellungen?
- 21. Nov 24 EXO Empfängerrichtlinien und EmailAddressPolicyEnabled – Gibt es in Exchange Online auch Empfängerrichtlinien und vielleicht einen RUS und welche Rolle spielt ADSync?
- 20. Nov 24 Group Writeback – V1 ist weg, V2 abgekündigt, was kommt danach zum Abgleich von Teams Teams ins lokale AD?
- 19. Nov 24 EXO Message Pending – Überwachung von Exchange Online auf "Pending"-Messages und Unstimmigkeiten