The Hacker News

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication in specific LDAP setups.

Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass

Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor ...

Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks

Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows ...
Ars Technica

Fortigate SSL VPN

I've wasted away most of the day trying to get this working. We currently use SSL VPN for remote users. It uses ldap to authenticate the users in AD. In preparation of an AD migration we want a test ...
Ars Technica

Fortinet says hackers exploited critical vulnerability to infect VPN customers

An unknown threat actor abused a critical vulnerability in Fortinet’s FortiOS SSL-VPN to infect government and government-related organizations with advanced custom-made malware, the company said in ...