Ars Technica

FortiGate admins report active exploitation 0-day. Vendor isn’t talking.

Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid reports that attackers are using it to execute malicious code on servers used by ...
Bleeping Computer

Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks

Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was ...
Bleeping Computer

Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now

Update 6/12/23 added below: Fortinet released a new advisory warning that the vulnerability may have been exploited in attacks. Fortinet has released new Fortigate firmware updates that fix an ...
CSOonline

Fortinet’s silent patch sparks alarm as a critical FortiWeb flaw is exploited in the wild

Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet disclosed or rated its severity. Security researchers are warning about two ...
Ars Technica

Fortigate, BGP and dual-homing

First time I'm configuring this, and despite the documentation claiming otherwise, it just refuses to work right. Fortigate 200D running 5.0.11, split into two VDOMs with a VDOM link between them. The ...
Dark Reading

Critical Fortinet Flaws Under Active Attack

Attackers targeted admin accounts, and once authenticated, exported device configurations including hashed credentials and ...
TechRepublic

Fortinet vs Palo Alto (2024): Which NGFW Is Best for Your Team?

Fortinet vs Palo Alto (2024): Which NGFW Is Best for Your Team? Your email has been sent As two top NGFWs, Fortinet FortiGate seems to best fit small businesses, while Palo Alto works best for larger ...