Yeo & Yeo Technology would like to remind you about the importance of installing patches for known vulnerabilities on both network devices and servers. If YYTECH manages your network firewalls, no updates are necessary.
However, if your network firewalls are self-managed, you may need updates as cybercriminals are exploiting known firewall vulnerabilities.
For example, active exploits have recently been observed by the ConnectWise SOC on Fortigate firewalls vulnerable to CVE-2018-133. This CVE is nearly three years old but demonstrates the importance of patching. Attackers are leveraging this vulnerability to access the /dev/cmdb/sslvpn_websession file resulting in exposure of plaintext credentials for any logged-in SSL VPN users. Combining the common usage of ADsync and credential re-use, these firewall attacks present a serious risk of compromising emails and networks.
Available patches should be installed as soon as possible for those with self-managed networks to protect their data and credentials.