On Patch Tuesday of last November, Microsoft released advisories to address several vulnerabilities in Active-Directory.
Analysis of these vulnerabilities showed that by combining CVE-2021-42278 and CVE-2021-42287 it is possible, under default conditions, for a regular user to easily impersonate a domain admin. This means that any domain user can effectively become a domain administrator, which makes these vulnerabilities extremely severe. Moreover, there are already several Github repositories with free-to-use PoC code that facilitates the exploitation of these vulnerabilities.
In this post, we will describe how the exploitation of these vulnerabilities works and show how the attack is mitigated by FortiEDR.
It is not news that healthcare organizations are in the crosshairs of cyberattackers looking to steal valuable personal information. Geographically dispersed healthcare organizations also face a particularly complex set of challenges to their cybersecurity and network operations.
Limited personnel, bandwidth constraints, and slim budgets may reduce the ability of healthcare businesses to deploy and secure a high-performance network across many office locations. At the same time, there is a proliferation of connected devices, and high-performance access is needed to a variety of healthcare apps and electronic health records.
One Latin American healthcare organization faced these pressures as it grew operations to include more than 30 branches-such as outpatient centers, clinics, and laboratories-across an entire country. Its technology infrastructure needed to provide fast connectivity so that healthcare service providers could coordinate care seamlessly as the organization scaled. Decision-makers saw software-defined wide-area networking (SD-WAN) as an excellent option for improving application performance and resiliency across all 30-plus offices.
In March, Fortinet is once again holding its annual Accelerate conference in digital format, which will offer limitless opportunities to learn more about important industry trends facing organizations around the world and developments from Fortinet
Customers and partners are invited to join online at no cost to hear about the latest cybersecurity innovations from Fortinet executives and experts. This year's conference will deliver engaging and inspiring sessions designed to broaden perspectives and help improve security.
- March 8-10: Americas
- March 9-11: Asia
- March 9-11: EMEA
Registration opens on January 11, 2022. The event is free and available to anyone interested in Fortinet products and solutions. Activities include keynotes and sessions with virtual interaction opportunities.
See all Archived Fortinet News articles
See all articles from this issue