ZDNet

Attacker releases credentials for 87,000 FortiGate SSL VPN devices

Fortinet has warned that 87,000 sets of credentials for FortiGate SSL VPN devices have been published online. The California-based cybersecurity firm said on Wednesday that it is aware of the ...
Bleeping Computer

Fortinet fixes critical vulnerabilities in SSL VPN and web firewall

Fortinet has fixed multiple severe vulnerabilities impacting its products. The vulnerabilities range from Remote Code Execution (RCE) to SQL Injection, to Denial of Service (DoS) and impact the ...
Threat Post

FBI: APTs Actively Exploiting Fortinet VPN Security Holes

Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon. The FBI and the Cybersecurity and ...
Ars Technica

Fortigate SSL VPN

I've wasted away most of the day trying to get this working. We currently use SSL VPN for remote users. It uses ldap to authenticate the users in AD. In preparation of an AD migration we want a test ...
Bleeping Computer

Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks

Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was ...
IT News For Australia Business

Long list of vulnerable Fortinet SSL VPNs published

A large list of almost 50,000 internet-reachable Fortinet FortiGate virtual private networking systems that contain an easily exploitable vulnerability has been published on the web and social media.