SecurityWeek

Fortinet Patches Critical Authentication Bypass Vulnerabilities

Fortinet patched two critical flaws in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager leading to authentication bypass.
SecurityWeek

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins

Threat actors are exploiting two recent critical Fortinet vulnerabilities to bypass SSO login authentication on FortiGate ...
Concordia University

Multi-factor authentication with Concordia's VPN

All VPN users must upgrade to the latest tested and approved version of FortiClient and enable multi-factor authentication due to security vulnerabilities with earlier versions of the software. Please ...
Connecticut College Arboretum

Using Duo with FortiClient

When using the Fortinet VPN Client (FortiClient) you may be required to use the Duo Multi-Factor Authentication system to connect. By default, FortiClient uses Push ...
Bleeping Computer

Fortinet VPN design flaw hides successful brute-force attacks

A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of ...
heise online

Fortinet secures FortiOS, FortiAnalyzer and FortiClient

Fortinet has released updates that close high-risk vulnerabilities in FortiOS, FortiAnalyzer and FortiClient. Attackers can abuse the vulnerabilities to escalate their privileges, perform unauthorized ...
Concordia University

December 9: VPN Connection Issues

Some users are experiencing issues connecting to VPN due to a technical change earlier this week and would like to apologize for any inconvenience this may have caused. If you have FortiClient 7.2.5 ...