| From: Russell Reiter via talk <talk@gtalug.org> | | The advisory says even if your org doesn't use the os you should apply | mitigations. | | https://siliconangle.com/2021/04/04/hackers-actively-targeting-fortios-vulne... I was not aware of FortiOS. I found that it is "the Heart of the Fortinet Security Fabric" which doesn't help me. I conclude: I don't care. The advisory that lists mitigations: <https://www.ic3.gov/Media/News/2021/210402.pdf> It seems to say 1) if you run FortiOS, you may have a few problems 2) even if you don't run it, you should "add key artifact files used by FortiOS to your organization’s execution denylist." [I don't have an execution denylist.] 3) the usual Good Things, none specific to this vulnerability. Nothing struck me as interesting. Is there something I'm missing?