Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
ITWire

Fortinet firewalls hit with new zero-day attack, older data leak

On Wednesday, January 15, 2025, a threat actor named “Belsen Group” published a trove of Fortinet FortiGate firewall data on the dark web, allegedly from 15,000 organisations. The data released ...
Bleeping Computer

Hackers leak configs and VPN credentials for 15,000 FortiGate devices

A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical ...
CSOonline

Fortinet confirms new zero-day attacks against customer devices

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration changes from attacks on an unpatched flaw. Fortinet has confirmed that a new ...