SecurityWeek

Fortinet Warns of New Attacks Exploiting Old Vulnerability

Fortinet says threat actors are abusing CVE-2020-12812, an improper authentication vulnerability in FortiOS, in a fresh wave ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
The Hacker News

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication ...
SecurityWeek

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins

Threat actors are exploiting two recent critical Fortinet vulnerabilities to bypass SSO login authentication on FortiGate ...
heise online

Unknown group releases Fortinet config files and VPN passwords to the darknet

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...

Hackers exploit newly patched Fortinet auth bypass flaws

Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to ...
CSO Online

FortiGate firewall credentials being stolen after vulnerabilities discovered

Arctic Wolf says last week’s revelation of authentication holes is leading to attacks on unpatched Fortinet devices.