Bleeping Computer

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. The zero-day ...
Yahoo

Update now — Fortinet Windows VPN hacked to steal user data

Cybersecurity researchers has revealed that for months now, Fortinet’s Windows VPN client has been vulnerable to a flaw which allows threat actors to steal user credentials - and Chinese hackers have ...
Bleeping Computer

Fortinet VPN design flaw hides successful brute-force attacks

A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of ...
来自MSN

Fortinet VPNs under attack from potential zero-day - FortiSIEM security tools also at risk ...

Someone has been trying to break into Fortinet VPN products GreyNoise believes this is in preparation of a zero-day exploit The researchers expect a CVE to be published within weeks Fortinet users are ...
SDxCentral

Thousands of Fortinet firewalls face critical authentication flaw

Security researchers claimed more than 10,000 Fortinet firewalls are at risk from a legacy vulnerability affecting FortiGate SSL VPN. The vulnerability allows users to log in without being prompted ...