Bleeping Computer

Fortinet: Govt networks targeted with now-patched SSL-VPN zero-day

Fortinet says unknown attackers exploited a FortiOS SSL-VPN zero-day vulnerability patched last month in attacks against government organizations and government-related targets. The security flaw (CVE ...

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data

A recent Fortinet patch may not work as well as expected ...
CSO Online

Fortinet confirms new zero-day attacks against customer devices

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration ...
Threat Post

FBI: APTs Actively Exploiting Fortinet VPN Security Holes

Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon. The FBI and the Cybersecurity and ...
Network World

Fortinet gets into the SSL VPN game

There’s a new name in SSL VPNs and it is Fortinet. The company is adding SSL VPN software to the standard package loaded on its FortiGate hardware, making it an SSL VPN gateway in addition to all the ...
The Hacker News

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via SAML abuse.
ZDNet

Critical security alert: If you haven't patched this old VPN vulnerability, assume your network is compromised

Cyber criminals and nation-state cyber-espionage operations are actively scanning for unpatched vulnerabilities in Fortinet VPNs; organisations that use Fortigate firewalls on their network, and have ...
Computer Weekly

Warning over ransomware attacks spreading via Fortinet kit

Ransomware operators are exploiting Fortinet network devices that remain vulnerable to a critical authentication bypass vulnerability, according to research publicly released today by eSentire’s ...