Facebook adds Google Authenticator for Two-Factor Authentication

Good news! Facebook now makes Two-Factor Authentication (2FA) easier to set up by allowing common third-party apps like Google Authenticator or Duo Security on both desktop and mobile. 2FA adds layer of security to your Facebook login by requiring you to provide a passcode or from “something that you have” (which is the 2FA generated … Continue reading Facebook adds Google Authenticator for Two-Factor Authentication

Fortigate: Best Practices Guide (per Topic)

This Best Practice Guideline for Fortigate is compiled from both FortiOS 5.2 and 5.4 for common issues encountered by myself and shared to everyone to ensure the most secure and reliable operation of our Fortigate units. This is updated periodically as I come across known issues and best practice recommendations. A. General Configurations  Below are … Continue reading Fortigate: Best Practices Guide (per Topic)

Fortigate: Web Filtering is “Unreachable”

Came across this problem that I am unable to use "Web  Filtering" feature on my Fortigate 200B on Firmware 5.2.11 Web Filter error shows the following error before you can create a profile. Licensing information on Fortigate Portal shows I am licensed to use Web Filtering, but on my local firewall error shows "Unreachable" Things … Continue reading Fortigate: Web Filtering is “Unreachable”

Gartner’s 2017 Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls) Released

  Here is an overview of the leaders in Unified Threat Management (UTM) for 2017. The quadrant is based on the vendor's ability to execute and the completeness of vision.  For 8th straight year, Fortinet is recognized as the market leader in UTMs. To learn more about Gartner's complete view of the UTM market, register for … Continue reading Gartner’s 2017 Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls) Released

Mirai Botnet vs IoT: The “Internet of Things”

Wikipedia defines Internet of Things as: Image by: Wikipedia The Internet of things (IoT) is the inter-networking of physical devices, vehicles (also referred to as "connected devices" and "smart devices"), buildings, and other items embedded with electronics, software, sensors, actuators, and network connectivity which enable these objects to collect and exchange data. It's basically any object … Continue reading Mirai Botnet vs IoT: The “Internet of Things”

Eternal Blues – a free EternalBlue vulnerability scanner

So, I came across this new tool that scans for vulnerability on your network against EternalBlue (the exploited tool used as a framework for many, if not most, of the well-known Ransomwares around)  called EternalBlues.exe developed by Elad Erez. Here are some tips from Elad before running the tool: Tips If you’re about to run … Continue reading Eternal Blues – a free EternalBlue vulnerability scanner

Petya, NotPetya Security Recommendations

Prevention To proactively prevent from being attacked by this Petya-family of malware or mitigate the damage: Keep your computer with the latest patch, especially apply Microsoft Windows security update MS17-010. Enable the Windows Firewall to block incoming requests to ports 135, 139, and 445. Disable SMBv1 in Windows https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-and-windows. Segment your network into multiple network … Continue reading Petya, NotPetya Security Recommendations