Fortinet firewalls hit by huge password-stealing attack — around 75,000 users possibly affected

Researchers discovered a major database containing plaintext passwords.
Computing

FortiBleed: Leaked admin credentials expose nearly 74,000 Fortinet firewalls worldwide

A recently uncovered dataset known as “FortiBleed” contains user and administrator credentials for 73,932 Fortinet firewall ...
ZDNet

Attacker releases credentials for 87,000 FortiGate SSL VPN devices

The California-based cybersecurity firm said on Wednesday that it is aware of the disclosure, and after investigating the incident, has come to the conclusion that the credentials have been obtained ...
Ars Technica

Fortinet SSL-VPN or Windows VPN

I already setup the Fortigate to do SSL-VPN using Active Directory (LDAP) for authentication. It works great, but requires a Fortinet client installation and some ...
Tempo.co English

FortiGate Leak: 50 Indonesian Bodies Under Threat?

The global FortiBleed leak has compromised FortiGate devices across 194 countries, impacting at least 50 state and private ...
The Hacker News

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...
Infosecurity-magazine.com

Fortinet Addresses Critical FortiGate SSL-VPN Vulnerability

Network security solution provider Fortinet has patched a critical bug in its FortiOS and FortiProxy SSL-VPN software that could be exploited to hijack equipment. The vulnerability, identified as ...
Ars Technica

Fortinet SSL VPN Problem

I'll work with Fortinet support on this also, but thought I would ask you guys in case you had run into this. We have a user that connects from home via the Fortinet SSL VPN. It had been working then ...
Bleeping Computer

Fortinet fixes critical vulnerabilities in SSL VPN and web firewall

Fortinet has fixed multiple severe vulnerabilities impacting its products. The vulnerabilities range from Remote Code Execution (RCE) to SQL Injection, to Denial of Service (DoS) and impact the ...