Fortinet SSL VPN vuln || Apple's possible case for privacy violation
CyberInsights #73
Fortinet announces a bug in its SSL VPN
The second time in as many months…
A buffer overflow attack that is being actively exploited. Read more on the Fortinet website.
The immediate workaround is to disable SSL VPN.
Then, check the logs to see the indicators of compromise mentioned in the website.
Check for connection to CNC IPs:
Take Action:
Well, it’s obvious really, but let me spell it out:
If your SSL VPN is vulnerable, upgrade the FortiOS.
France Digitale claims Apple tracks users without consent
Apple uses privacy to sell devices. If true, this claim might hurt their reputation.
Apple was accused of privacy violations by CNIL (Commission nationale de l'informatique et des libertés) a French watchdog. CNIL has a tagline - To protect personal data, support innovation, preserve individual liberties
The Register reports that CNIL recommends a fine of 6 million Euros on Apple.
According to the accusation, with the release of iOS 14, Apple gave users the ‘freedom’ to protect their privacy and allowed users to prevent cross site tracking cookies. Read this documentation where you can configure cross site tracking cookies on your Apple device. Apple released it with much fan-fare about data protection.
While Apple stopped Facebook from tracking users, allegedly, they did not apply the same rules to themselves and continued to track users.🙄. They stopped it some time later.
Take Action:
Nothing really. Maybe, take all ads with a pinch of salt?
Enjoyed reading? Receive this in your email every week.