10 Sep 2021

Thousands of Fortinet VPN Account Credentials Leaked

According to a statement released by Fortinet, credentials stolen from 87,000 unpatched SSL-VPNs have been posted to an online forum by former Babuk gang members for free. On Wednesday, BleepingComputer reported that it had been a miscommunication with a threat actor who leaked nearly half a million Fortinet VPN credentials.

Read More
18 Aug 2021

Zero-Day Flaw Found in Fortinet’s FortiWeb WAF Technology

Yesterday, researchers at Rapid7 disclosed a new critical zero-day vulnerability uncovered in Fortinet’s FortiWeb Web application firewall technology. According to the security researchers, an attacker could exploit the bug to gain complete control of affected devices. The flaw is an OS command injection vulnerability that allows attackers to remotely execute

Read More
01 Jun 2021

FBI Issues Fortinet Flash Warning

The US Federal Bureau of Investigation issued a flash warning late last week pertaining to the exploitation of Fortinet vulnerabilities by advanced persistent threat (APT) groups. The FBI stated that an APT group has been actively targeting a FortiGate appliance since May 2021 seeking to access a web server hosting

Read More