All news with #fortinet tag

Weekly Recap: Fortinet Exploited, Global Threats Rise

🔒 This week's recap highlights a surge in quiet, high-impact attacks that abused trusted software and platform features to evade detection. Researchers observed active exploitation of Fortinet FortiWeb (CVE-2025-64446) to create administrative accounts, prompting CISA to add it to the KEV list. Law enforcement disrupted major malware infrastructure while supply-chain and AI-assisted campaigns targeted package registries and cloud services. The guidance is clear: scan aggressively, patch rapidly, and assume features can be repurposed as attack vectors.

Fortinet silently patches FortiWeb zero-day flaw in the wild

🚨 Fortinet confirmed a silent patch for a critical FortiWeb GUI path confusion zero-day (tracked as CVE-2025-64446) that is being "massively exploited in the wild." The flaw allowed unauthenticated HTTP(S) requests to execute administrative commands and create local admin accounts on internet-exposed devices. Fortinet released fixes in FortiWeb 8.0.2 (Oct 28) and later; administrators should upgrade, disable internet-facing management interfaces if they cannot update immediately, and audit logs for unauthorized accounts.

From Military Service to Cybersecurity: Veteran Pathways

🛡️ Fortinet partnered with BCIT, Cyber Catalyst, and Tech Vets Canada to deliver a one-week Industrial Control Systems cybersecurity microcredential intensive for Canadian veterans, providing hands-on labs and practical workshops. Through exercises in network segmentation, access control, and threat detection, participants translated military skills—leadership, discipline, resilience—into cybersecurity capabilities protecting critical infrastructure. The program paired technical training with mentorship, career transition support, and pathways to internships and certification, reflecting Fortinet’s commitment to building a more diverse, skilled cyber workforce.

Fortinet FortiWeb Path Traversal Vulnerability Alert

⚠️ Fortinet has released an advisory for FortiWeb addressing CVE-2025-64446, a CWE-23 relative path traversal that can allow unauthenticated actors to execute administrative commands via crafted HTTP/HTTPS requests. Affected releases include multiple 7.x and 8.x versions; Fortinet provides specific upgrade targets (8.0.2+, 7.6.5+, 7.4.10+, 7.2.12+, 7.0.12+). If immediate upgrades are not possible, disable HTTP/HTTPS on internet-facing interfaces and, after remediation, review configurations and logs for unexpected modifications or unauthorized administrator accounts.

CISA Adds Fortinet FortiWeb Path Traversal to KEV Catalog

🔒 CISA has added CVE-2025-64446 — a Fortinet FortiWeb path traversal vulnerability — to its Known Exploited Vulnerabilities (KEV) Catalog after evidence of active exploitation. Under BOD 22-01, Federal Civilian Executive Branch agencies must remediate cataloged CVEs by the required due date. CISA strongly urges all organizations to prioritize timely patching, apply available mitigations, and monitor for indicators of compromise. CISA will continue to add vulnerabilities that meet catalog criteria.

Authentication Bypass in Fortinet FortiWeb Actively Exploited

🚨 Researchers report an authentication bypass in Fortinet FortiWeb that is being actively exploited in the wild, allowing attackers to create privileged administrator accounts and fully compromise devices. watchTowr reproduced the issue, released a proof-of-concept and an artifact generator to help identify vulnerable appliances. The flaw is patched in FortiWeb 8.0.2, but Fortinet has not published a PSIRT advisory or assigned a CVE, and Rapid7 urges emergency patching for older versions.

FortiWeb Path Traversal Flaw Allows Admin Account Creation

⚠️ A path traversal vulnerability in Fortinet FortiWeb appliances is being actively exploited to create local administrative users without authentication. Researchers from Defused and PwnDefend described requests targeting the /api/v2.0/cmdb/system/admin%3f/../../../../../cgi-bin/fwbcgi endpoint that inject admin accounts. Rapid7 and others confirm versions 8.0.1 and earlier are affected, while 8.0.2 is believed to contain the fix. Administrators are urged to update immediately, review logs for fwbcgi access, and search for unexpected admin accounts.

Google Announces Unified Security Recommended Program

🔒 Google Cloud is launching the Google Unified Security Recommended program to validate deep integrations between its security portfolio and third-party vendors. Inaugural partners CrowdStrike, Fortinet, and Wiz bring endpoint, network, and multicloud CNAPP capabilities into Google Security Operations. Partners commit to cross-product technical integration, a collaborative support model, and investment in AI initiatives such as the model context protocol (MCP). Qualified solutions will be available via Google Cloud Marketplace for simplified procurement and consolidated billing.

Fortinet Named Google Unified Security Recommended Partner

🔒 Fortinet has been named the inaugural Google Unified Security Recommended partner for network protection, integrating FortiSASE and the FortiGate NGFW to run natively on Google Cloud. The integration delivers unified policy and shared telemetry with Google Security Operations, combining FortiGuard Labs and Google threat intelligence for AI-driven detection and response. Customers gain consolidated management, improved performance via Google’s backbone, and simplified procurement through the Google Cloud Marketplace.

Fortinet Earns Gartner Customers’ Choice for SSE — 3rd Year

🏆 Fortinet has been named a Gartner Peer Insights Customers’ Choice for Security Service Edge (SSE) for the third consecutive year and is the only cybersecurity vendor to receive this recognition in the SSE market. Based on 195 verified end-user reviews as of August 2025, Fortinet achieved a 4.9/5 overall rating, 90% five-star reviews and 100% willingness to recommend. FortiSASE is highlighted for delivering unified, AI-powered cloud security backed by 170+ POPs, a single unified agent and deployment flexibility that aims to reduce operational overhead. Fortinet frames the recognition as validation of customer trust and its focus on simplifying secure hybrid work.

Fortinet Wins Red Dot Award for FortiGate Rugged Series

🏆Fortinet’s FortiGate Rugged series (FGR-50G-5G and FGR-70G-5G) earned the Red Dot Product Design Award for its fanless industrial design, integrated 5G, and purpose-built ASIC performance. Engineered for OT and critical infrastructure, the appliances combine thermal resilience, shock and moisture protection, and low-latency security functions including next-generation firewalling, SD-WAN, VPN, and AI-driven threat detection. The recognition underscores Fortinet’s focus on precision engineering and durable, field-ready security.

Fortinet Recognized by Crime Stoppers for Cyber Leadership

🏆 Fortinet received two 2025 Crime Stoppers International awards—the Cybersecurity Leadership Award and the Corporate Leadership in Crime Prevention Award—for its global efforts to disrupt cybercrime through intelligence sharing, partnership, and workforce development. FortiGuard Labs and the Fortinet Training Institute are cited for delivering actionable threat intelligence and scalable education. The honors validate more than a decade of sustained public‑private collaboration and data‑driven prevention.

AI Literacy Is Critical for Cybersecurity Readiness

🔒 Artificial intelligence is reshaping cybersecurity, creating both enhanced defensive capabilities and new risks that require broad AI literacy. The White House's America’s AI Action Plan and Fortinet’s 2025 Cybersecurity Global Skills Gap Report show strong adoption—97% of organizations use or plan AI in security—yet 48% cite lack of staff expertise as a major barrier. Fortinet recommends targeted training, policies for generative AI use, and its Security Awareness modules to help close the gap and reduce threat exposure.

Fortinet Expands Unified SASE with Global POPs and AI

🚀 Fortinet announced enhancements to Fortinet Unified SASE, expanding its global footprint to over 170 points of presence and embedding AI-powered operations. FortiAI-Assist automates diagnostics and remediation to accelerate mean time to resolution, while an agentless Secure Browser and SaaS Security Posture Management extend DLP and compliance controls across 80+ SaaS apps. These updates aim to boost performance, simplify operations, and strengthen data protection for distributed workforces.

Fortinet Publishes First EPD for FortiGate-40F NGFW

🌱 Fortinet has published the industry’s first Environmental Product Declaration (EPD) for the FortiGate-40F Next-Generation Firewall, verified under the new PCR 2024:06. The EPD is based on an independent Life Cycle Assessment and discloses lifecycle impacts—carbon, energy, water, materials, and waste—providing procurement teams with standardized, third-party-validated data. Fortinet views this as an initial step and plans to extend EPD coverage across additional models to support compliance, decarbonization, and sustainable procurement.

Legacy Flaws in Network Edge Devices Threaten Orgs Today

🔒 Enterprises' network edge devices — firewalls, VPNs, routers, and email gateways — are increasingly being exploited due to longstanding 1990s‑era flaws such as buffer overflows, command and SQL injections. Researchers tracked dozens of zero‑day exploits in 2024 and continuing into 2025 that affected vendors including Fortinet, Palo Alto Networks, Cisco, Ivanti, and others. These appliances are attractive targets because they are remotely accessible, often lack endpoint protections and centralized logging, and hold privileged credentials, making them common initial access vectors for state‑affiliated actors and ransomware groups.

Fortinet Advances Global Cyber Resilience at AMC25

🔒 Fortinet participated in the World Economic Forum’s Annual Meeting on Cybersecurity (AMC25) in Dubai, engaging government, industry, and civil leaders to advance global cyber resilience. Fortinet executives Dr. Carl Windsor and Derek Manky led sessions on public‑private collaboration, frameworks for scaling disruption, and the role of the Cybercrime Atlas in enabling coordinated action. They highlighted recent coordinated operations and impact reported in the 2025 Cybercrime Atlas: Impact Report, emphasizing that aligning policy, governance, and technical intelligence is essential to protect supply chains, AI systems, and critical infrastructure.

Tracking HoldingHands Malware Expansion Across Asia

🔍 FortiGuard Labs observed a January 2025 campaign that began with Winos 4.0 infections in Taiwan and evolved into a cross‑regional HoldingHands operation affecting China, Taiwan, Japan, and Malaysia. The actor uses phishing PDFs, cloud-hosted and bespoke domains, and multi-stage loaders that leverage Windows Task Scheduler to evade detection. Shared infrastructure, reused code (including digital signatures and debug paths), and repeated JavaScript download scripts link disparate samples, and Fortinet provides detections, IOCs, and mitigation guidance.

Fortinet Named Challenger in 2025 Gartner SIEM Magic Quadrant

🛡️ Fortinet announced that FortiSIEM was named a Challenger in the 2025 Gartner Magic Quadrant for SIEM, marking the vendor's eighth consecutive inclusion. FortiSIEM centralizes IT/OT event collection and combines advanced detection analytics, a CMDB, built-in SOAR automation and FortiAI-Assist GenAI to accelerate detection, investigation and response. Fortinet also notes that FortiSIEM 7.4, released in May 2025 after Gartner’s evaluation, adds federated search, expanded dashboards and enhanced analyst guidance to further improve SOC efficiency.

Fortinet Strengthens Global Cybercrime Collaboration

🔒 Fortinet underscores its leadership within the World Economic Forum’s Cybercrime Atlas, promoting cross-sector intelligence sharing and coordinated disruption to combat cybercriminal networks. The 2025 Impact Report, released ahead of the WEF Annual Meeting on Cybersecurity 2025, details operational support for INTERPOL-led Operations Serengeti and Serengeti 2.0 and quantifies arrests, takedowns, and recovered illicit funds. Fortinet stresses the need for accountability at scale and continued expansion of collaborative capacity-building.