Bleeping Computer18d
Fortinet warns of auth bypass zero-day exploited to hijack firewalls
Fortinet says attackers exploiting the zero-day in the wild are creating randomly generated admin or local users on compromised devices and are adding them to existing SSL VPN user groups or to ...
CSOonline19d
Fortinet confirms zero-day flaw used in attacks against its firewalls
Fortinet has confirmed the existence of a critical ... naming scheme and adding those users to existing user groups with SSL VPN access. In some cases, they hijacked existing accounts or reset ...
ITWire15d
Fortinet firewalls hit with new zero-day attack, older data leak
SSL VPN authentication through those accounts, and various other configuration changes.” Fortinet’s advisory for CVE-2024-55591 includes indicators of compromise (IOCs) and notes that the ...
Infosecurity-magazine.com17d
New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls
Impacted organizations are going to need to change local SSL VPN passwords, admin passwords etc,” Beaumont ... the threat group probably exploited a vulnerability disclosed by Fortinet in 2022, ...
CRN9mon
Fortinet Discloses Vulnerabilities In FortiOS, FortiProxy, FortiClient Linux And Mac
Fortinet disclosed new vulnerabilities Tuesday ... into visiting a malicious attacker-controlled website through the SSL-VPN,” the company said. Additionally, a pair of high-severity ...