Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
Infosecurity-magazine.com

New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls

A new threat actor has leaked configuration files and virtual private network (VPN) information for 15,000 firewall devices provided by security vendor Fortinet. On January 15, Kevin Beaumont, an ...
HHS

Fortinet Edge Devices Under Attack - Again

Hackers may have circumvented a months-old patch for Fortinet gateway devices leading to a warning from the U.S. federal government over its active exploitation. At least one security researcher says ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
Bleeping Computer

Fortinet warns of new critical FortiManager flaw used in zero-day attacks

Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP ...