Jan 22
FortiGate Firewalls Compromised via SSO Abuse
Attackers are exploiting SSO access on FortiGate devices to export configurations, add admin accounts, and open persistent VPN access within seconds.
Source: Arctic Wolf
Read more: CyberSecBrief
seen from Italy
seen from United States
seen from United Kingdom
seen from United States
seen from Italy
seen from Italy
seen from Australia
seen from France
seen from United Kingdom
seen from Saudi Arabia
seen from Italy
seen from United States
seen from Argentina
seen from India
seen from Angola
seen from Italy
seen from Czechia
seen from China
seen from United States
seen from China
FortiGate Firewalls Compromised via SSO Abuse
Attackers are exploiting SSO access on FortiGate devices to export configurations, add admin accounts, and open persistent VPN access within seconds.
Source: Arctic Wolf
Read more: CyberSecBrief
Cybersecurity Glossary
Over the course of this year I have explained to colleagues and clients who’s roles are not in Cybersecurity what certain phrases or abbreviations mean. After I while I started to drop them into a word document so I could reuse them. Then I decided to make this post so I can easily share the explanations. There are bound to be things missing, please drop a comment if I have missed something and…
View On WordPress
Firewall Crash Bug Hits GlobalProtect
A high-severity flaw lets unauthenticated attackers remotely knock Palo Alto firewalls offline by abusing GlobalProtect gateway and portal handling.
Source: The Hacker News | Palo Alto Networks PSIRT
Read more: CyberSecBrief
MySonicWall backup breach exposes firewall credentials
SonicWall confirmed that a brute-force attack accessed backup firewall files in MySonicWall accounts, potentially exposing encrypted credentials and configuration data to attackers.
Source: BleepingComputer | SonicWall
Read more: CyberSecBrief
(via Congress made it illegal to protect your own data. - YouTube)
“Little Snitch for Linux is written in Rust and uses eBPF for kernel-level traffic interception (this lets sandboxed code run inside the Linux kernel without modifying it). The tool shows processes on your machine making network connections, and give you options to block them using rules. While Linux has native network monitoring tools, the best known being OpenSnitch (inspired by Little Snitch). None of those, as Christian puts it, gave him what he wanted: see which process are making which connections, and deny any a single click. So he built it.”
Compared to OpenSnitch, this app works via a browser tab, and can visualise at process level. It is not open source software though, like OpenSnitch is, but it is free to download and use on Linux. It does have both automated blocklists at domain level (such as Hagezi, Peter Lowe, Steven Black) and also rules that can target a specific process, port/s, or protocol/s.
By default, it is open access, but you can configure it for authenticated access too.
See https://www.omgubuntu.co.uk/2026/04/little-snitch-linux or their site at https://obdev.at/products/littlesnitch-linux/index.html
Cyber Essentials Certification: The Definitive 2026 Checklist for UK SMEs
Cyber Essentials Certification Need help with Professional support with Cyber Essentials Certification? In the current digital landscape, cybersecurity isn’t just an IT concern—it’s a prerequisite for doing business. For UK SMEs, the Cyber Essentials Certification is the gold standard for proving to clients, partners, and the government that you take data protection seriously. Whether you are…