Cybersecurity

5668 readers

82 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Critical RCE Flaw Discovered in Fortinet FortiGate Firewalls - Patch Now! (thehackernews.com)

submitted 1 year ago by borari@sh.itjust.works to c/cybersecurity@sh.itjust.works

3 comments fedilink hide all child comments

Fortigate published a patch for CVE-2023-27997, a Remote Code Execution vulnerability reachable pre-authentication, on every SSL VPN appliance.

top 2 comments

sorted by: hot top controversial new old

[–] computerboss@sh.itjust.works 1 points 1 year ago (1 children)

I bought a fortunate 60e a few months ago to play around with. After setting up some vlans, subnets, and firewall rules I am considering just selling it. Without a license you don't even get security updates. So at this point opnsense might be my next firewall to learn on. I was just trying to my hands on what is actually being used by companies.

It would be cool to see companies start offering homelab licenses for people to play around with and get experience before buying into a whole ecosystem.

[–] borari@sh.itjust.works 3 points 1 year ago* (last edited 1 year ago)

It would be cool to see companies start offering homelab licenses for people to play around with and get experience before buying into a whole ecosystem.

Like you said, I think companies should be prohibited from locking security updated behind a license paywall. Features are one thing, and while I would also like free homelab licenses, I understand why companies don't offer them, especially for products like enterprise firewalls, routers, and switches. A company shouldn't require you to pay more money to secure something they shipped with a vulnerability. Honestly this kind of shit should take precedence over the squabbling about USB-C, App Store monopolies, or whatever other flavor of the month issue the EU or the US is lambasting tech companies for.

load more comments