Fake enterprise VPN downloads used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
TechRadar

Update now — Fortinet Windows VPN hacked to steal user data

Researchers spot Chinese threat actor stealing login credentials from Fortinet VPN Thefts carried out with the help of a vulnerability discovered in 2023 The bug is yet to be addressed, or even ...
Threat Post

Thousands of Fortinet VPN Account Credentials Leaked

They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit. UPDATE: Subsequent reporting and disclosures ...
CRN

AI Let ‘Unsophisticated’ Hacker Breach 600 Fortinet Firewalls, AWS Says, As AI Lowers ‘The Barrier’ For Threat Actors

Hackers use AI, GenAI and LLMs to breach Fortinet FortiGate firewalls as cybersecurity and threat actors leverage AI for cyber-attacks, AWS report finds.
ZDNet

Critical security alert: If you haven't patched this old VPN vulnerability, assume your network is compromised

Cyber criminals and nation-state cyber-espionage operations are actively scanning for unpatched vulnerabilities in Fortinet VPNs; organisations that use Fortigate firewalls on their network, and have ...
Ars Technica

Fortinet SSL-VPN or Windows VPN

I already setup the Fortigate to do SSL-VPN using Active Directory (LDAP) for authentication. It works great, but requires a Fortinet client installation and some ...