Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
heise online

Unknown group releases Fortinet config files and VPN passwords to the darknet

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...
Bleeping Computer

Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks

Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting vulnerable ...
Ars Technica

Yet another Fortinet question - 7.6.0 OK to install? (Updated from 7.4.3)

I'm asking in light of the recent vulnerabilities that we're seeing, but also just in general. I just updated my 80F to 7.2.7 (the 'mature' firmware, whatever that means). I see the option to upgrade ...
ChannelVision Magazine

AireSpring Expands Managed Security Services with Fortinet ZTNA

AireSpring announced the addition of Fortinet FortiClient zero trust network access (ZTNA) to its cybersecurity and ...
CSO Online

Fortinet releases emergency hotfix for FortiClient EMS zero-day flaw

Exploited in the wild prior to Fortinet’s advisory, the vulnerability allows unauthenticated attackers to remotely execute arbitrary code.