Fortinet continues to combat ongoing SSO admin attacks

Attackers have been targeting various Fortinet products for some time. A functional security update is still missing.
CSO Online

Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even ...

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...
Ars Technica

336,000 servers remain unpatched against critical Fortigate vulnerability

Researchers say that nearly 336,000 devices exposed to the Internet remain vulnerable to a critical vulnerability in firewalls sold by Fortinet because admins have yet to install patches the company ...
EdTech

Configuring FSAE for Active Directory Access Control

Connor Anderson is vice president of Riverfront Technology in Clinton, Iowa. Security at the edge of the network is typically geared toward guarding against external threats. But Fortinet's latest ...
ZDNet

A Chinese APT is now going after Pulse Secure and Fortinet VPN servers

A group of Chinese state-sponsored hackers is targeting enterprise VPN servers from Fortinet and Pulse Secure after details about security flaws in both products became public knowledge last month.
Bleeping Computer

Fortinet delays patching zero-day allowing remote server takeover

Fortinet has delayed patching a zero-day command injection vulnerability found in the FortiWeb web application firewall (WAF) until the end of August. Successful exploitation can let authenticated ...
BizTech

Configuring FSAE for Active Directory Access Control

Connor is the vice president of Riverfront Technology in Clinton, Iowa. He has been working with computers since 1985, which he figures confers Grizzled Veteran status. Connor has a number of industry ...