Virtual "Private" Network

Virtual "Private" Network

Mar 22, 2021

Many of us have used VPN's before, right? At some point, we've seen so many privacy breaches on the open internet and decided to get the 100% secure virtual private network...but are they really secure? Conducting adequate research into a prospective VPN service is necessary to decide if it is the right one for you, because, unfortunately, not all VPNs are created equal.

In this case, Fortinet, a fairly well utilized VPN service with a large user database, was hacked and over 200,000 user credentials were released due to Fortinet using a default SSL certificate. Any security setting as default is generally not secure, but a VPN? Default SSL certificate? That is mind boggling. However, this was not the only incident Fortinet has run into. While this certificate hack was in September 2020, just 2 months afterwards, a hacker going by the name of "pumpedkicks" has shared a list of nearly 50,000 Fortinet IP addresses vulnerable to a certain SSL exploit...again! Some of these addresses even include banks, governments, and financials administrations.

Now, this is not a review of Fortinet VPN, merely a statement of their most recent vulnerabilities, but this should encourage us all to research into prospective VPN's before we use their service. After all, we are entrusting them with a direct connection to our network and data; shouldn't we be able to trust them with that process?

https://www.bleepingcomputer.com/news/security/hacker-posts-exploits-for-over-49-000-vulnerable-fortinet-vpns/#.X7u_UN6IGSw.facebook

Enjoy this post?

Buy JMC Information Technologies a sailboat

More from JMC Information Technologies