Security Holes in Business Firewall Equipment Are Being Attacked

Attackers are actively exploiting two security vulnerabilities in FortiSandbox, a security product made by Fortinet. The vendor first disclosed these flaws in April, but hackers are now taking advantage of them. Multiple security firms have confirmed the attacks are coming from various sources, not just one group. This affects businesses and organizations that use FortiSandbox equipment, not typical home users.

If you are a home internet user with a regular router or firewall, you are not at risk from this particular threat. However, if you work for a company that uses Fortinet equipment, your employer's network could potentially be vulnerable. The IT department at your workplace should be addressing this issue. For home users, no immediate action is required. You do not need to change passwords or check your accounts based on this news alone. If you work for a company and are concerned, you can ask your IT department whether they use FortiSandbox and if they have applied the security updates that Fortinet released in April. This story highlights an important lesson for everyone. When software companies release security updates, they need to be installed quickly. At home, make sure your router, computers, phones, and other devices are set to update automatically. Many attacks happen because people delay installing fixes that are already available. Set aside time each month to check that all your family's devices have the latest updates installed.