Security News

Passwords exposed for almost 50,000 vulnerable Fortinet VPNs
2020-11-25 08:16

A hacker has now leaked the credentials for almost 50,000 vulnerable Fortinet VPNs. Over the weekend a hacker had posted a list of one-line exploits for CVE-2018-13379 to steal VPN credentials from these devices, as reported by BleepingComputer. The exploitation of critical FortiOS vulnerability CVE-2018-13379 lets an attacker access the sensitive "Sslvpn websession" files from Fortinet VPNs. These files contain session-related information, but most importantly, may reveal plain text usernames and passwords of Fortinet VPN users.

Hacker posts exploits for over 49,000 vulnerable Fortinet VPNs
2020-11-22 11:40

A hacker has posted a list of one-line exploits to steal VPN credentials from almost 50,000 Fortinet VPN devices. The vulnerability being referred to here is CVE-2018-13379, a path traversal flaw impacting a large number of unpatched Fortinet FortiOS SSL VPN devices.

Zerologon Chained With Fortinet, MobileIron Vulnerabilities in U.S. Government Attacks
2020-10-12 12:56

The U.S. Cybersecurity and Infrastructure Security Agency has warned that government networks have been targeted in attacks exploiting the Zerologon vulnerability in combination with flaws affecting Fortinet and MobileIron products. "This recent malicious activity has often, but not exclusively, been directed at federal and state, local, tribal, and territorial government networks. Although it does not appear these targets are being selected because of their proximity to elections information, there may be some risk to elections information housed on government networks," CISA said in an advisory written with contributions from the FBI. It added, "CISA is aware of some instances where this activity resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised."

Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers
2020-09-25 12:37

Now according to network security platform provider SAM Seamless Network, over 200,000 businesses that have deployed the Fortigate VPN solution-with default configuration-to enable employees to connect remotely are vulnerable to man-in-the-middle attacks, allowing attackers to present a valid SSL certificate and fraudulently take over a connection. The main reason for this is that the bundled default SSL certificate uses the router's serial number as the server name for the certificate.

Fortinet unveiled the FortiGate 4400F, a firewall capable of securing 5G networks
2020-08-07 01:00

Fortinet announced the FortiGate 4400F, a hyperscale firewall, setting new milestones for Security Compute Ratings to deliver performance, scalability and security in a single appliance to meet escalating business needs. FortiGate 4400F is powered by Fortinet's latest seventh generation network processor to offer hardware-acceleration, making it the only network firewall that is fast enough to secure hyperscale data centers and 5G networks.

Dragos and Fortinet partner to broaden cybersecurity across industrial networks
2020-07-27 23:00

Dragos announced that through a partnership with Fortinet it has released an initial integration of the Dragos Platform with FortiSIEM, giving cyber defenders at industrial organizations a unified view of threats and events across the converged enterprise IT and industrial OT environment. Threats detected on OT networks via the Dragos Platform can now be visualized in FortiSIEM. The integration between Dragos and Fortinet is certified for release and provides complete visibility of IT and OT threats to simplify the response workflows for defenders.

Windstream Enterprise and Fortinet deliver WAN edge transformation to enterprise customers
2020-07-24 00:00

"We began offering SD-WAN solutions with Fortinet technology in 2019, and our customers have responded positively to the network experience and the security that solution provides," said Mike Flannery, chief marketing officer at Windstream Enterprise. Customers that choose Windstream Enterprise SD-WAN with Fortinet technology benefit from integrated security and SD-WAN in a single device, supported by Fortinet's industry-leading, next-generation firewall.

Fortinet Acquires SASE Cloud Provider OPAQ Networks
2020-07-21 12:34

The startup's Zero Trust Network Access cloud solution aims to protect networks spanning across data centers, branch offices, and Internet of Things devices. The company will integrate OPAQ's ZTNA solution into Security Fabric, to enhance its SASE offering.

Fortinet launches FortiGate 1800F to accelerate security performance in the data center
2020-02-20 03:00

In the event of a security breach, once beyond the security perimeter, hackers can easily move about and freely gain access to credentials, resources, and data. To meet the extraordinary demands of data center security and enable a Security-Driven Networking approach, Fortinet is introducing the FortiGate 1800F NGFW. FortiGate 1800F delivers high performance internal segmentation.

Cisco, Fortinet, Palo Alto Networks and SonicWall get NetSecOPEN certified performance results
2020-02-20 00:30

NetSecOPEN, the first industry organization focused on the creation of open, transparent network security performance testing standards, announced that Cisco, Fortinet, Palo Alto Networks and SonicWall are the first three security vendors to achieve certified performance results through open, standardized testing developed by NetSecOPEN and adopted by the Internet Engineering Task Force. "Fortinet is committed to delivering the best threat protection performance and low latency that enterprises require via our purpose-built security processor technology. We are pleased to report the certified performance of Fortinet's FortiGate 500E Next-generation Firewall, tested under real-world conditions," said John Maddison, EVP of Products and CMO at Fortinet.