#fortinet

Christoffer S.<p><a href="https://swecyb.com/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> <a href="https://swecyb.com/tags/SSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSL</span></a> <a href="https://swecyb.com/tags/GreyNoise" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GreyNoise</span></a> <a href="https://swecyb.com/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://swecyb.com/tags/NotYet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NotYet</span></a></p>
Uwe Caspari<p>It will soon be <a href="https://dudo.social/tags/itsa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>itsa</span></a> time again. At the beginning of October, as every year, people meet at the exhibition grounds in <a href="https://dudo.social/tags/N%C3%BCrnberg" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nürnberg</span></a> to exchange views on the topic of <a href="https://dudo.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a>.</p><p><a href="https://dudo.social/tags/FORTINET" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FORTINET</span></a> will of course be there, including an exhibition of our beautiful range of ruggedized devices.</p><p>I won't be on site all week, probably only on the first day, so if you'd like to say hello, come by on Tuesday. ;-)</p><p>No ticket yet? Then this way, please: <a href="https://events.fortinet.com/it-sa2025" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">events.fortinet.com/it-sa2025</span><span class="invisible"></span></a></p><p><a href="https://dudo.social/tags/OT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OT</span></a> <a href="https://dudo.social/tags/IndustrialSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IndustrialSecurity</span></a> <a href="https://dudo.social/tags/KRITIS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KRITIS</span></a></p>
The New Oil<p>New <a href="https://mastodon.thenewoil.org/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> <a href="https://mastodon.thenewoil.org/tags/FortiWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FortiWeb</span></a> hacks likely linked to public RCE exploits</p><p><a href="https://www.bleepingcomputer.com/news/security/new-fortinet-fortiweb-hacks-likely-linked-to-public-rce-exploits/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/new-fortinet-fortiweb-hacks-likely-linked-to-public-rce-exploits/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Dark Web Informer - Cyber Threat Intelligence :verified_paw: :verified_dragon:<p>Fact <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a></p>
Tim (Wadhwa-)Brown :donor:<p>New PoC dropped:</p><p><a href="https://github.com/0xbigshaq/CVE-2025-25257" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/0xbigshaq/CVE-2025-</span><span class="invisible">25257</span></a></p><p><a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintel</span></a>, <a href="https://infosec.exchange/tags/fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fortinet</span></a></p>
The New Oil<p>Exploits for pre-auth <a href="https://mastodon.thenewoil.org/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> <a href="https://mastodon.thenewoil.org/tags/FortiWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FortiWeb</span></a> RCE flaw released, patch now</p><p><a href="https://www.bleepingcomputer.com/news/security/exploits-for-pre-auth-fortinet-fortiweb-rce-flaw-released-patch-now/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/exploits-for-pre-auth-fortinet-fortiweb-rce-flaw-released-patch-now/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
The New Oil<p>Critical <a href="https://mastodon.thenewoil.org/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> flaws now exploited in <a href="https://mastodon.thenewoil.org/tags/Qilin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Qilin</span></a> <a href="https://mastodon.thenewoil.org/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> attacks</p><p><a href="https://www.bleepingcomputer.com/news/security/critical-fortinet-flaws-now-exploited-in-qilin-ransomware-attacks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/critical-fortinet-flaws-now-exploited-in-qilin-ransomware-attacks/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
k3ym𖺀<p>🚨 New Threat Alert: FormBook is back — and it’s stealthier than ever.</p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@FortiGuardLabs" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>FortiGuardLabs</span></a></span> has uncovered a new phishing campaign that spreads FormBook, a potent <a href="https://infosec.exchange/tags/infostealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infostealer</span></a> malware targeting your credentials, screenshots, and more.</p><p>📥 Lures victims with spoofed job applications<br>🎯 Designed to evade detection<br>🕵️‍♀️ Highly active in the wild</p><p>Don’t get caught off guard.</p><p>🔍 Dive into the full technical breakdown and see how to defend your org ➡️ <a href="https://www.fortinet.com/blog/threat-research/infostealer-malware-formbook-spread-via-phishing-campaign" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">fortinet.com/blog/threat-resea</span><span class="invisible">rch/infostealer-malware-formbook-spread-via-phishing-campaign</span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/InfoStealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoStealer</span></a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>Fortinet</span></a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISO</span></a> <a href="https://infosec.exchange/tags/SecurityOperations" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityOperations</span></a> <a href="https://infosec.exchange/tags/CyberThreats" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberThreats</span></a></p>
The New Oil<p>Data-stealing <a href="https://mastodon.thenewoil.org/tags/Chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Chrome</span></a> extensions impersonate <a href="https://mastodon.thenewoil.org/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a>, <a href="https://mastodon.thenewoil.org/tags/YouTube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YouTube</span></a>, VPNs</p><p><a href="https://www.bleepingcomputer.com/news/security/data-stealing-chrome-extensions-impersonate-fortinet-youtube-vpns/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/data-stealing-chrome-extensions-impersonate-fortinet-youtube-vpns/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/VPN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VPN</span></a> <a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
computing competence<a href="https://feinste-netzwerke.de?t=wochenbericht" class="mention hashtag" rel="nofollow noopener" target="_blank">#Wochenbericht</a> (weekly report), week 19:<br><br>- Mon: <a href="https://feinste-netzwerke.de?t=3cx" class="mention hashtag" rel="nofollow noopener" target="_blank">#3CX</a> settings, upgrade of a <a href="https://feinste-netzwerke.de?t=smarttime" class="mention hashtag" rel="nofollow noopener" target="_blank">#SmartTime</a> database. Power outage on a <a href="https://feinste-netzwerke.de?t=unifi" class="mention hashtag" rel="nofollow noopener" target="_blank">#Unifi</a> network. All good again.<br>- Tue: Installation of an <a href="https://feinste-netzwerke.de?t=oauthproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#OauthProxy</a> on <a href="https://feinste-netzwerke.de?t=debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#Debian</a>. Evaluation of the transparent <a href="https://feinste-netzwerke.de?t=proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Proxy</a> in a <a href="https://feinste-netzwerke.de?t=watchguard" class="mention hashtag" rel="nofollow noopener" target="_blank">#Watchguard</a> for an upcoming migration away from <a href="https://feinste-netzwerke.de?t=sophos" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sophos</a><br>- Wed: Setup of a <a href="https://feinste-netzwerke.de?t=3cx" class="mention hashtag" rel="nofollow noopener" target="_blank">#3CX</a> <a href="https://feinste-netzwerke.de?t=telefonanlage" class="mention hashtag" rel="nofollow noopener" target="_blank">#Telefonanlage</a> (phone system). Configuration of a transparent <a href="https://feinste-netzwerke.de?t=proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Proxy</a> on an <a href="https://feinste-netzwerke.de?t=opnsense" class="mention hashtag" rel="nofollow noopener" target="_blank">#OPNSense</a> incl. 
<a href="https://feinste-netzwerke.de?t=acme" class="mention hashtag" rel="nofollow noopener" target="_blank">#ACME</a> certificate management, not only for HTTP but also for SMTP and IMAP, on a <a href="https://feinste-netzwerke.de?t=groupoffice" class="mention hashtag" rel="nofollow noopener" target="_blank">#GroupOffice</a> server<br>- Thu: Office day, odds and ends. A <a href="https://feinste-netzwerke.de?t=3cx" class="mention hashtag" rel="nofollow noopener" target="_blank">#3CX</a> was suffering from a bad <a href="https://feinste-netzwerke.de?t=fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fortinet</a> firewall. A reboot does it good. Troubleshooting e-mail delivery at a practice<br>- Fri: <span class="h-card"><a href="https://lfnt.site/users/oliver" class="u-url mention" rel="nofollow noopener" target="_blank">@oliver@lfnt.site</a></span> is installing the base for neander.social . Let's see how far we get with <a href="https://feinste-netzwerke.de?t=freebsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#FreeBSD</a>. Otherwise <a href="https://feinste-netzwerke.de?t=orga" class="mention hashtag" rel="nofollow noopener" target="_blank">#Orga</a> (admin) and <a href="https://feinste-netzwerke.de?t=abrechnungen" class="mention hashtag" rel="nofollow noopener" target="_blank">#Abrechnungen</a> (invoicing). <a href="https://feinste-netzwerke.de?t=teammeeting" class="mention hashtag" rel="nofollow noopener" target="_blank">#Teammeeting</a><br><br>Highlight: <span class="h-card"><a href="https://chaos.social/users/besendorf" class="u-url mention" rel="nofollow noopener" target="_blank">@besendorf@chaos.social</a></span> is testing the switch from <a href="https://feinste-netzwerke.de?t=gitea" class="mention hashtag" rel="nofollow noopener" target="_blank">#gitea</a> to <a href="https://feinste-netzwerke.de?t=forgejo" class="mention hashtag" rel="nofollow noopener" target="_blank">#forgejo</a>. Looks good!<br>
Alexandre Dulaunoy<p>While digging into some <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> vulnerabilities, I discovered a set of CVEs that were rejected for being unused.</p><p>I'm wondering how this is actually helping vulnerability management. Does this mean those will never be used? Or something else?</p><p><a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> </p><p>🔗 <a href="https://vulnerability.circl.lu/vuln/cve-2025-46221" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/vuln/cv</span><span class="invisible">e-2025-46221</span></a></p>
:mastodon: decio<p>If you manage a <a href="https://infosec.exchange/tags/Fortigate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortigate</span></a> firewall (or know someone who administers one) with SSL-VPN enabled, take 2 minutes to check whether it is compromised.</p><p>Since the massive attacks of 2024, cybercriminals have been leaving symbolic links hidden in the language files. The result: even after patching, they keep access to the system.</p><p>👉 More than 16,000 devices compromised worldwide, including <strong>208 in Switzerland</strong> (source: Shadowserver).</p><p>Fortinet has published a fix + an AV/IPS signature to clean up, but you have to update.<br>👇 <br><a href="https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">fortinet.com/blog/psirt-blogs/</span><span class="invisible">analysis-of-threat-actor-activity</span></a><br>⬇️ [in the news] <br><a href="https://www.bleepingcomputer.com/news/security/over-16-000-fortinet-devices-compromised-with-symlink-backdoor/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/over-16-000-fortinet-devices-compromised-with-symlink-backdoor/</span></a></p><p>📊<br>⬇️ <a href="https://dashboard.shadowserver.org/statistics/combined/tree/?day=2025-04-11&amp;source=compromised_website&amp;source=compromised_website6&amp;tag=fortinet-compromised%2B&amp;geo=all&amp;data_set=count&amp;scale=log" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dashboard.shadowserver.org/sta</span><span 
class="invisible">tistics/combined/tree/?day=2025-04-11&amp;source=compromised_website&amp;source=compromised_website6&amp;tag=fortinet-compromised%2B&amp;geo=all&amp;data_set=count&amp;scale=log</span></a></p><p>💡 And as a reminder: if you administer for a company, an institution or any entity that holds an AS or defined IP ranges, you can receive direct alerts from the <span class="h-card" translate="no"><a href="https://infosec.exchange/@shadowserver" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>shadowserver</span></a></span> foundation if one of your edge devices is detected as compromised.<br>⬇️ <br>Sign up here: <a href="https://www.shadowserver.org/what-we-do/network-reporting/get-reports/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">shadowserver.org/what-we-do/ne</span><span class="invisible">twork-reporting/get-reports/</span></a></p><p><a href="https://infosec.exchange/tags/CyberVeille" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberVeille</span></a> <a href="https://infosec.exchange/tags/Suisse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Suisse</span></a> <a href="https://infosec.exchange/tags/fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fortinet</span></a> <a href="https://infosec.exchange/tags/vulnerable" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerable</span></a></p>
AI6YR Ben<p>LOL Fortinet</p><p>BleepingComputer: Over 16,000 Fortinet devices compromised with symlink backdoor</p><p><a href="https://www.bleepingcomputer.com/news/security/over-16-000-fortinet-devices-compromised-with-symlink-backdoor/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/over-16-000-fortinet-devices-compromised-with-symlink-backdoor/</span></a></p><p><a href="https://m.ai6yr.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://m.ai6yr.org/tags/fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fortinet</span></a></p>
LMG Security<p>Fortinet Alert: Hackers Maintain Access to Patched FortiGate VPNs via Symlinks.</p><p>Hackers are using a new post-exploitation technique to maintain access to FortiGate VPN devices, even after vulnerabilities have been patched. </p><p>Fortinet has warned that threat actors are leveraging symlinks (symbolic links) to retain read-only access to compromised devices, even after the original attack vector was closed. The malicious actors used older vulnerabilities to create symlinks in the SSL-VPN folder, allowing them to keep access to the root filesystem undetected. </p><p>What should you do?</p><p>▪ Upgrade your FortiOS to the latest version<br>▪ Review device configurations for any unexpected changes.<br>▪ Reset all credentials and secret keys on potentially compromised devices.<br>▪ Isolate affected VPN devices from your network to prevent lateral movement.</p><p>Read more details: <a href="https://www.bleepingcomputer.com/news/security/fortinet-hackers-retain-access-to-patched-fortigate-vpns-using-symlinks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/fortinet-hackers-retain-access-to-patched-fortigate-vpns-using-symlinks/</span></a></p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/ITsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsecurity</span></a></p>
DFN-CERT<p>CERT.at investigates ransomware attacks via critical Fortinet vulnerabilities (FortiOS, FortiProxy) and recommends urgent forensic investigations of all devices that didn't have FortiOS 7.0.16 installed before 2025-01-27, when the PoC for CVE-2024-55591 was published. Those devices may be compromised despite having been patched later.</p><p>Check (German) warning by <span class="h-card" translate="no"><a href="https://ioc.exchange/@CERT_at" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>CERT_at</span></a></span> <br><a href="https://www.cert.at/de/warnungen/2025/3/ransomware-gruppen-nutzen-weiterhin-kritische-fortinet-schwachstellen-warnung-vor-gepatchten-aber-bereits-kompromittierten-geraten" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cert.at/de/warnungen/2025/3/ra</span><span class="invisible">nsomware-gruppen-nutzen-weiterhin-kritische-fortinet-schwachstellen-warnung-vor-gepatchten-aber-bereits-kompromittierten-geraten</span></a></p><p>Long story with Forescout:<br><a href="https://www.forescout.com/blog/new-ransomware-operator-exploits-fortinet-vulnerability-duo/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">forescout.com/blog/new-ransomw</span><span class="invisible">are-operator-exploits-fortinet-vulnerability-duo/</span></a></p><p><a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fortinet</span></a> <a href="https://infosec.exchange/tags/Mora_001" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mora_001</span></a></p>
Cedric<p>Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on <a href="https://fosstodon.org/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> <a href="https://fosstodon.org/tags/FortiGate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FortiGate</span></a> Firewalls - Arctic Wolf</p><p><a href="https://vulnerability.circl.lu/bundle/9a35bcae-d831-491f-945c-1fbd54769c38" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/bundle/</span><span class="invisible">9a35bcae-d831-491f-945c-1fbd54769c38</span></a></p><p>CVE-2024-55591<br>CVE-2022-26118</p><p><a href="https://fosstodon.org/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://fosstodon.org/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://fosstodon.org/tags/fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fortinet</span></a> <a href="https://fosstodon.org/tags/VulnerabilityLookup" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityLookup</span></a></p>
BSI<p>‼️📢 Today <a href="https://social.bund.de/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> published an advisory on a vulnerability (<a href="https://social.bund.de/tags/Schwachstelle" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Schwachstelle</span></a>) in FortiProxy and FortiOS, the operating system used on, among others, the FortiGate firewall product line. The vulnerability was rated 9.6 ("critical") under the Common Vulnerability Scoring System and allows an unauthenticated attacker to gain super-admin privileges. It is an authentication bypass via an alternate path.<br>More on this: 👉 <a href="https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2025/2025-213432-1032" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bsi.bund.de/SharedDocs/Cybersi</span><span class="invisible">cherheitswarnungen/DE/2025/2025-213432-1032</span></a></p>
LMG Security<p>A new Fortinet VPN zero-day vulnerability is being exploited by a toolkit called 'DeepData'. The <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> gap allows credential dumping from memory after authentication. Until a patch is available, you should restrict VPN access and monitor for unusual login activity. IOCs are available in this article: <a href="https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials/</span></a></p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroDay</span></a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a> <a href="https://infosec.exchange/tags/CredentialTheft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CredentialTheft</span></a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://infosec.exchange/tags/Databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Databreach</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a></p>
LMG Security<p>A critical <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> flaw, <a href="https://infosec.exchange/tags/FortiJump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FortiJump</span></a>, is being actively exploited in FortiManager. This vulnerability can allow remote attackers to execute code or commands without authentication. Fortinet has released workarounds. Read more: <a href="https://thehackernews.com/2024/10/fortinet-warns-of-critical.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2024/10/fort</span><span class="invisible">inet-warns-of-critical.html</span></a></p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a></p>
the magnificent rhys<p>I'm hating how much of my life is dominated by <a href="https://mastodon.rhys.wtf/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> right now.</p><p>It's gotten a bit easier now some media outlets are reporting on it, mainly based on <span class="h-card" translate="no"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span>'s toots, but good grief, what a mess.</p><p>On the plus side, it's encouraging my place to finally start taking vendor assessment and how we architecturally position vendor appliances a bit more seriously.</p>