Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

Automated infections of potentially fully patched FortiGate devices are allowing threat actors to steal firewall ...
The Register on MSN

FortiGate firewalls hit by silent SSO intrusions and config theft

Admins say attackers are still getting in despite recent patches FortiGate firewalls are getting quietly reconfigured and ...

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall ...
CSO Online

Fortinet confirms new zero-day attacks against customer devices

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration ...
Bleeping Computer

Mandiant says new Fortinet flaw has been exploited since June

A new Fortinet FortiManager flaw dubbed "FortiJump" and tracked as CVE-2024-47575 has been exploited since June 2024 in zero-day attacks on over 50 servers, according to a new report by Mandiant. For ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
Dark Reading

Zero-Day Security Bug Likely Fueling Fortinet Firewall Attacks

A zero-day flaw is likely to blame for a series of recent attacks on Fortinet FortiGate firewall devices that have management interfaces exposed on the public Internet. Attackers are targeting the ...