All news with #fortinet tag

⚠️ Fortinet released an emergency weekend hotfix to address a critical pre-authentication flaw in FortiClient EMS (CVE-2026-35616) that is being actively exploited in the wild. The improper access control defect allows unauthenticated attackers to execute commands via specially crafted API requests and affects versions 7.4.5 and 7.4.6. Fortinet urges immediate installation of the hotfixes or upgrading to 7.4.7 when available. Shadowserver reports over 2,000 exposed EMS instances, primarily in the US and Germany.

🔧 Fortinet has released an out‑of‑band hotfix for a critical pre‑authentication API access bypass in FortiClient EMS (CVE-2026-35616, CVSS 9.1) that has been observed exploited in the wild. The flaw allows unauthenticated attackers to bypass API authentication and authorization protections and execute commands on affected systems, impacting versions 7.4.5–7.4.6. Fortinet urges immediate installation of the hotfix and says a full remediation will be included in 7.4.7.

🔒 Operational technology (OT) is rapidly moving online, creating new cyber-physical risks as industrial control systems connect to corporate IT. In a Fortinet Brass Tacks podcast, KPMG’s Hossain Alshedoki explains how visibility, culture, and measured extension of IT controls into OT are essential. He stresses resilience over replication of IT models, and prioritizes asset discovery before automation.

🔒 AI-driven changes in web applications and APIs are outpacing traditional controls, creating large visibility and detection gaps. The 2026 Web Application Security Report, based on a global survey of over 800 security professionals, finds only 29% confidence in overall application security and just 15% for AI-integrated apps. FortiAppSec Cloud is presented as an integrated platform combining WAF, API protection, bot mitigation, and application security services to provide shared telemetry and consistent enforcement across dynamic, service-generated traffic.

📣 Fortinet announced the winners of the 2026 Training Institute Authorized Training Center (ATC) Awards, recognizing partners that excel in delivering NSE certification and hands-on cybersecurity education across more than 150 countries. The awards highlight regional and categorical leaders — from Partner of the Year to Certified Trainer of the Year — for measurable impact in skills development. Fortinet emphasized that structured, role-based training is a core security control as organizations expand teams, mandate certifications, and adapt to AI-influenced threats.

⚠️ A critical SQL injection, CVE-2026-21643, is being actively exploited against FortiClient EMS, allowing unauthenticated attackers to execute arbitrary SQL via crafted HTTP requests. The flaw affects EMS 7.4.4 when multi-tenant mode is enabled; Fortinet released 7.4.5 to remediate. Researchers note the endpoint returns database error messages and lacks lockout protections, enabling rapid data extraction and credential theft. Administrators should patch immediately, remove internet exposure, and inspect HTTP headers for anomalous SQL.

🔴 Threat intelligence firm Defused reports active exploitation of a critical SQL injection in Fortinet FortiClient EMS, tracked as CVE-2026-21643. The vulnerability lets unauthenticated attackers inject SQL via the HTTP 'Site' header to the EMS web GUI, enabling arbitrary code or command execution on unpatched systems. Fortinet fixed the issue in 7.4.5; administrators must upgrade immediately and block public access to EMS interfaces. Defused observed first exploitation four days after discovery and Shodan/Shadowserver data indicate many publicly exposed instances.

🔐 At the World Economic Forum’s Industry Strategy Meeting in Munich, leaders explored how rapid AI deployment and rising data sovereignty pressures are reshaping digital infrastructure and investment. The piece argues that cybersecurity must be embedded from day zero to enable trusted data exchange, interoperability between sovereign systems, and secure distributed AI. It highlights the shift from large general models toward specialized, context-aware architectures and notes Fortinet’s role in public-private collaboration to operationalize secure systems.

🔔 ThreatsDay Bulletin highlights a wave of pragmatic, stealthy intrusions and abuse of lingering edge vulnerabilities. Notable findings include a nascent RaaS named The Gentlemen exploiting CVE-2024-55591 against FortiGate, a chained pre-auth RCE in BMC FootPrints, and active campaigns targeting Citrix NetScaler. The briefing underscores how small, well-crafted techniques— from deep-link MCP abuse to Teams phishing—are enabling remote access and data theft.

🔍 For years defenders focused on a small set of frequently exploited CVEs, but AI and automation are widening the practical attack surface by making more vulnerabilities economically viable to probe. Fortinet telemetry and FortiGuard Labs research show attackers are using AI to accelerate reconnaissance, code adaptation, and deployment. Defenders must prioritize integrated platforms that correlate network, endpoint, and cloud telemetry with vulnerability data and threat intelligence to close blind spots and tie signals to business impact.

🔒 Fortinet has been named a Challenger in the 2026 Gartner Magic Quadrant for Cyber-Physical Systems (CPS) Protection Platforms. The recognition underscores the capabilities of the Fortinet OT Security Platform to secure converged IT/OT environments through deep OT visibility, protocol-aware segmentation, and integrated networking and security. Fortinet emphasizes unified management, ruggedized firewalls, secure SD-WAN, ZTNA, NAC, and AI-driven operations to reduce risk while preserving uptime and safety in industrial settings.

🔒 Fortinet was named a Challenger in the 2026 Gartner Magic Quadrant for Cyber-Physical Systems Protection Platforms, highlighting recognition of the Fortinet OT Security Platform. The vendor positions its solution as a unified approach that delivers OT-aware controls—automated discovery, protocol visibility, segmentation, and ruggedized firewalls—while avoiding disruption to uptime and safety. Fortinet emphasizes integrated networking and security to reduce complexity and accelerate detection and response across converged IT/OT environments.

🔒 BCI has seven Fortinet NSE 8 engineers, the highest concentration among partners globally, demonstrating hands-on mastery of design, implementation, and troubleshooting in complex security environments. These engineers come from diverse career paths but meet a single standard of practical execution under pressure. BCI positions NSE 8 as an operational benchmark that reduces architectural risk, accelerates response, and sustains long-term operability.

🔒 Fortinet will have a prominent presence at the RSA Conference (March 23–26, 2026) in San Francisco, showcasing the Fortinet Security Fabric at booth #N5762 and in featured sessions. Attendees can join three highlighted sessions addressing agentic AI defenses, APT abuse of networking devices, and large-scale cybercrime disruption. The booth features 40+ presentations, six interactive demo kiosks, an Experts Bar, and one-on-one meeting options. Fortinet customers can access complimentary Expo Hall passes or discounted full-conference registration.

🔒 A threat actor tracked as Storm-2561 is distributing spoofed enterprise VPN clients impersonating vendors such as Ivanti, Cisco, and Fortinet to harvest corporate VPN credentials. The campaign uses SEO poisoning to push victims to convincing fake vendor pages that link to a GitHub-hosted ZIP containing a malicious MSI installer. When run, the installer places a fake Pulse.exe, drops a loader (dwmapi.dll) and a Hyrax infostealer variant (inspector.dll), captures credentials and configuration files, then displays an installation error and redirects victims to the legitimate vendor site to avoid immediate suspicion.

🏆 At Fortinet Accelerate 2026, Fortinet honored the 2025 Partner of the Year Award winners for outstanding contributions to secure networking, cloud modernization, OT protection, and managed services across the Americas, APAC, and EMEA. Winners — from global system integrators like HCLTech and NTT DATA to distributors such as TD SYNNEX and regional leaders — demonstrated excellence in customer success, innovation, and technical execution. The awards highlight partner adoption of the Fortinet Security Fabric to reduce complexity and converge networking and security for hybrid and distributed environments. Recognition also emphasized growth in Unified SASE, SecOps, MSSP offerings, and OT security implementations.

🚀Fortinet has refreshed the Engage Partner Program to align partner rewards with platform-led customer outcomes across Secure Networking, Unified SASE, and AI-driven security operations. The update moves recognition beyond point-of-sale to lifecycle contributions such as architecture design, deployment, and managed services, and introduces clearer global tiers and specialization paths. Partners gain profitability incentives, expanded training (updated NSE content), and a new Partner Portal to streamline deal registration and operational workflows.

🔒 Security researchers warn of a campaign abusing FortiGate Next-Generation Firewall appliances to extract service account credentials and network configuration files. Attackers exploited disclosed vulnerabilities (for example, CVE-2025-59718, CVE-2025-59719, CVE-2026-24858) or weak credentials to create persistent admin accounts and loosen firewall policies. Compromised service accounts were used to authenticate to Active Directory, enroll rogue workstations, and enable lateral movement prior to detection.

🔐 Fortinet investigated recent reports of AI-assisted attacks and found no exploitation of FortiGate vulnerabilities; attackers instead exploited exposed management ports and weak single-factor credentials using automated password spraying. The novel concern is that conversational AI prompts and cloud resources can now automate target discovery, credential guessing, vulnerability assessment, and exploitation at scale with no coding required. Fortinet stresses defense-in-depth and rapid remediation.

🏆 Fortinet has been named a Gartner Peer Insights™ Customers’ Choice for SD‑WAN for the seventh consecutive year, reflecting sustained customer confidence. In the February 2026 Voice of the Customer report, Fortinet Secure SD‑WAN earned a 4.8/5 overall rating and a 96% willingness to recommend based on 202 verified reviews through December 31, 2025. Customers highlight integrated networking and security via FortiOS, ASIC-accelerated performance, and centralized orchestration with FortiManager as key differentiators in deployment, support, and operational simplicity.