The Hacker News

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication ...
Ars Technica

Fortigate to CISCO IPSEC VPN

Thought I'd start a new thread rather than hijack the other one. We're switching to a new MPLS VPN provider with 4 sites and a central colocation facility which tails into the internet. Each of the ...
Infosecurity-magazine.com

New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls

A new threat actor has leaked configuration files and virtual private network (VPN) information for 15,000 firewall devices provided by security vendor Fortinet. On January 15, Kevin Beaumont, an ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
Hosted on MSN

FortiGate config leaks: Victims' email addresses published online

Thousands of email addresses included in the Belsen Group's dump of FortiGate configs last week are now available online, revealing which organizations may have been impacted by the 2022 zero-day ...
Bleeping Computer

Hackers leak configs and VPN credentials for 15,000 FortiGate devices

A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical ...
CSO Online

FortiGate firewall credentials being stolen after vulnerabilities discovered

Arctic Wolf says last week’s revelation of authentication holes is leading to attacks on unpatched Fortinet devices.
Ars Technica

Fortigate IPSec VPN

I am trying to implement a host-to-gateway VPN solution for about 40 users. I wish to do this using my fortigate gateway/router if at all possible. The router has options for SSL, PPTP, and IPSec.