8 Apr
2021
8 Apr
'21
7:18 a.m.
| From: Russell Reiter via talk <talk@gtalug.org> | | The advisory says even if your org doesn't use the os you should apply | mitigations. | | https://siliconangle.com/2021/04/04/hackers-actively-targeting-fortios-vulne...
From there, I got to <https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf>
Long, but easy to digest. Scary. It's "let's attack SSL-based VPNs". Several vendors. But not OpenVPN for some reason. Perhaps because it isn't used as a corporate VPN. Hosts are definitely Linux.