Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

Automated infections of potentially fully patched FortiGate devices are allowing threat actors to steal firewall ...

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall ...
CSO Online

Fortinet confirms new zero-day attacks against customer devices

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration ...
SDxCentral

Fortinet firewalls face new threat, this time from authentication flaw

Fortinet firewalls are under threat from a single sign-on (SSO) vulnerability, which allows unauthorized configuration changes.
Bleeping Computer

Mandiant says new Fortinet flaw has been exploited since June

A new Fortinet FortiManager flaw dubbed "FortiJump" and tracked as CVE-2024-47575 has been exploited since June 2024 in zero-day attacks on over 50 servers, according to a new report by Mandiant. For ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...