heise online

Unknown group releases Fortinet config files and VPN passwords to the darknet

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...
Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
Dark Reading

600+ FortiGate Devices Hacked by AI-Armed Amateur

A Russian-speaking hacker used GenAI to breach the FortiGate firewalls, targeting credentials and backups for possible ransomware follow-on attacks.

Amazon: AI-assisted hacker breached 600 FortiGate firewalls in 5 weeks

Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.
TechCentral.ie

AI helps novice threat actor compromise FortiGate devices in dozens of countries

A Russian-speaking threat actor used AI to plan, manage and conduct cyberattacks on organisations with misconfigured firewalls in 55 countries in January and February, according to Amazon researchers.
Bleeping Computer

Fortinet warns of critical FortiCloud SSO login auth bypass flaws

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...
Ars Technica

VOIP calls sometimes missing audio: Fortinet firewall-what to config?

The firewall has 5060 and 10000-20000 open to the SIP provider (voip.ms), and a static NAT to the FreePBX server but we are getting some set of calls with no audio on either end. Anyone have any ideas ...