The Hacker News

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication ...

Hackers exploit newly patched Fortinet auth bypass flaws

Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to ...

Fortinet products hit by further security flaws - giving hackers access to systems and more

Two new critical vulnerabilities have been discovered in Fortinet products, and since they are being actively abused in the ...
SecurityWeek

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins

Threat actors are exploiting two recent critical Fortinet vulnerabilities to bypass SSO login authentication on FortiGate ...
Dark Reading

Critical Fortinet Flaws Under Active Attack

Attackers targeted admin accounts, and once authenticated, exported device configurations including hashed credentials and ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
Forbes

CrowdStrike And Fortinet Join Forces To Stop Threats Across Networks And Endpoints

Forbes contributors publish independent expert analyses and insights. Tony Bradley covers the intersection of tech and entertainment. In an ambitious move to tackle the increasingly complex ...
heise online

Unknown group releases Fortinet config files and VPN passwords to the darknet

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...