Hackers exploit Fortinet flaws to plant stealth backdoors on FortiGate devices, maintaining access even after patches.

Read: https://hackread.com/fortinet-fixe-attackers-bypass-patches-maintain-access/

#Fortinet: Hackers retain access to patched #FortiGate VPNs using symlinks

https://www.bleepingcomputer.com/news/security/fortinet-hackers-retain-access-to-patched-fortigate-vpns-using-symlinks/

#Symbolic #Link trick lets attackers bypass #FortiGate patches, #Fortinet warns
https://securityaffairs.com/176473/hacking/symbolic-link-trick-lets-attackers-bypass-fortigate-patches-fortinet-warns.html
#securityaffairs #hacking

Fortinet's VPN Security Breach: Hackers Exploit Symlinks for Persistent Access

Fortinet has issued urgent warnings to customers regarding a sophisticated attack method that allows hackers to retain access to compromised FortiGate VPN devices, even after vulnerabilities have been...

https://news.lavx.hu/article/fortinet-s-vpn-security-breach-hackers-exploit-symlinks-for-persistent-access

Fortinet's Symlink Vulnerability: A New Threat to FortiGate VPN Security

Fortinet has revealed a critical post-exploitation technique that allows threat actors to maintain access to compromised FortiGate VPN devices, even after patching vulnerabilities. This alarming disco...

https://news.lavx.hu/article/fortinet-s-symlink-vulnerability-a-new-threat-to-fortigate-vpn-security

Configurar BGP en firewalls FortiGate #fortinet #bgp #fortigate #redes
https://nosololinux.es/configurar-bgp-en-firewalls-fortigate/

Kann mich jemand unterstützen bei der Installation von #Fortigate #FortiClient #SSLVPN unter #Ubuntu 24 LTS. Der Client läuft, die Config ist auch klar, aber die einzige Meldung die ich beim connecten kriege ist "Login canceled".

There is a rumor about a new FortiGate vulnerability exploited in the wild from internet/external interfaces. FortiOS >=7.2.11 & >=7.4.7 is not affected.

Does anyone know something about that?

https://www.soniccomponents.com/fortigate-900g-dc/
Fortinet FortiGate FG-900G-DC Network Security/Firewall SSL, AES (256-bit), SHA-256, TLS 1.3 - 10000 VPN @fortinet #fortigate #900g #DCpower #networksecurity #firewall #ssl #aes #aes256 #sha256 #tls #10kvpn #forticare #FORTIGUARD @SonicComponents20

Friday at last.
Working with #fortigate wifi and #windows clients are tiresome and stressful sometimes..

But hey, i got #xfce4 .20 on my "new" #Freebsd
machine
#bhyve next

Good times

ReliaQuest (ex. Digital Shadows): https://www.reliaquest.com/blog/credential-theft-vs-admin-control-threat-spotlight/

This report examines how VPN vulnerabilities, particularly CVE-2018-13379 and CVE-2022-40684 affecting Fortinet products, remain highly exploited years after disclosure. The analysis reveals a 4,223% increase in cybercriminal forum discussions about Fortinet VPNs since 2018, highlighting their continued relevance in attack campaigns. Threat actors exploit these vulnerabilities primarily through credential theft and gaining administrative control. The report details how cybercriminals and state-sponsored APT groups leverage these vulnerabilities, with 64% of VPN vulnerabilities directly linked to ransomware campaigns. The report also examines a 2025 breach by 'Belsen_Group' that compromised over 15,000 FortiGate devices using CVE-2022-40684. The authors provide detection rules, threat hunting recommendations, and defensive strategies to mitigate these threats, while predicting increased hybrid threats targeting VPN infrastructure and the growing impact of AI on VPN exploitation.

Métricas de FortiGate con Prometheus y Grafana #blog #monitorización #exporter #fortigate #grafana #métricas #prometheus
https://www.bujarra.com/metricas-de-fortigate-con-prometheus-y-grafana/

Newsletter #177 już na skrzynkach!

W środku:

BUM w ACI
IP vs CLNP
(Nieoficjalny) podręcznik CCNP-SP

Sprawdź ranking firewalli Fortigate i dowiedz się, czemu Cilium to #1 CNI dla K8S! #newsletter #IT #Fortigate #Cilium #K8S

Fortinet Delivers Security and Efficient Network Performance for the Enterprise with New Next-Gen Firewalls

New #FortiGate G Series Next-Gen Firewalls Empower Customers to Strengthen Threat Protection and Future-Proof IT Infrastructure

#Fortinet® anno… http://www.appsgadget.com/2025/02/blog-post.html

Vulnerabilidad crítica en FortiOS Security Fabric (CVE-2024-40591) https://blog.elhacker.net/2025/02/vulnerabilidad-critica-en-fortios-security-fabric-cve.html #vulnerabilidad #fortigate #fortinet #cve

Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on #Fortinet #FortiGate Firewalls - Arctic Wolf

https://vulnerability.circl.lu/bundle/9a35bcae-d831-491f-945c-1fbd54769c38

CVE-2024-55591
CVE-2022-26118

https://www.xcalable.org/product/fap-831f-e-fortinet/
Fortinet FAP-831F-E FortiAP 831F Tri Band 802.11ax 5.81 Gbit/s Wireless Access Point - Indoor - 2.40 GHz
@fortinet #fortigate #831f #831fe #fortiap #831f #triband #wireless #accesspoint @Xcalabl

Encore une faille sur FortiGate qui empoisonne les administrateurs
https://www.lemondeinformatique.fr/actualites/lire-encore-une-faille-sur-fortigate-qui-empoisonne-les-administrateurs-95885.html