Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication in specific LDAP setups.

A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the ...

Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor ...

Fortinet says threat actors are abusing CVE-2020-12812, an improper authentication vulnerability in FortiOS, in a fresh wave ...

A cybercriminal has released credentials associated with almost half a million Fortinet VPN accounts online. The account information was supposedly scraped from Fortinet devices, by exploiting a ...

Fortinet has warned that 87,000 sets of credentials for FortiGate SSL VPN devices have been published online. The California-based cybersecurity firm said on Wednesday that it is aware of the ...

Over 200,000 businesses that have deployed Fortinet VPN with its default configuration could be vulnerable to man-in-the-middle (MitM) attacks according to new research from the network security ...

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...

A group of Chinese state-sponsored hackers is targeting enterprise VPN servers from Fortinet and Pulse Secure after details about security flaws in both products became public knowledge last month.

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...