< ciso
brief />
Tag Banner

All news with #fortinet tag

220 articles · page 3 of 11

April Patch Tuesday: Critical Flaws in SAP, Adobe, Microsoft

🔒 April's Patch Tuesday addresses critical vulnerabilities across major vendors. Patches fix a near-critical SQL injection in SAP (CVE-2026-27681) that enables arbitrary database commands, an actively exploited RCE in Adobe Acrobat Reader (CVE-2026-34621), and numerous high-severity Microsoft, Fortinet, and ColdFusion issues. FortiSandbox fixes close authentication-bypass and command-injection holes, while Adobe's ColdFusion updates remediate multiple code execution and path-traversal flaws. Organizations should prioritize vendor updates and apply mitigations where immediate patching is not possible.
read more →

Surge in Brute-Force Attacks Targeting VPN Devices

🔒 Security researchers have observed a sharp rise in brute-force attempts aimed at edge devices, notably SonicWall and Fortinet appliances, with 88% of observed traffic traced to the Middle East. Barracuda reports most attempts failed, often blocked or directed at invalid usernames. The activity peaked between February and March and accounted for 56% of confirmed incidents targeting perimeter devices. Analysts warn these probes increase the risk posed by weak credentials or misconfigurations and urge stronger controls.
read more →

CISA Adds Six Actively Exploited Flaws in Major Software

🛡️ CISA on Apr 14, 2026 added six vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog after observing active exploitation. The flaws affect Fortinet FortiClient EMS, Microsoft components (Exchange Server, Windows drivers, Host Process for Windows Tasks, VBA) and Adobe Acrobat Reader, and include SQL injection, deserialization, out-of-bounds read, use-after-free and insecure library loading. Federal civilian agencies must remediate by April 27, 2026.
read more →

Fortinet Training Institute Earns Multiple Industry Awards

🏆 Fortinet’s Training Institute has been honored with multiple industry awards that validate its sustained investment in cybersecurity education and certification. The institute continues to expand the NSE Certification program with role-based pathways and a global ecosystem spanning over 150 countries and 800 academic partners. Fortinet also delivers a SaaS-based Security Awareness and Training service—now offered in an education edition free to primary and secondary schools—and has pledged to train 1 million people by the end of 2026.
read more →

Shadow AI: The Invisible Enterprise Risk to Govern

🔍 Shadow AI describes the unsanctioned use of generative AI by employees, which is growing faster than most organizations can monitor or control. When staff submit internal documents, customer data, or source code to public GenAI services, organizations frequently lack visibility into how that data is processed, stored, or reused. Traditional security architectures and fragmented point solutions cannot correlate the signals needed to assess risk end to end. Fortinet recommends combining network visibility (FortiOS and FortiGuard Labs), endpoint enforcement (FortiDLP), and cloud-delivered policy (FortiSASE) to detect, govern, and control shadow AI usage.
read more →

Fortinet Expands Global ISO 14025 EPD Certifications

🔍 Fortinet has expanded its portfolio of independently verified environmental product declarations (EPDs) by achieving ISO 14025 certification for the FortiGate 90G/91G series. This milestone makes Fortinet the first cybersecurity vendor to publish International EPDs for three major firewall families, joining the FortiGate 50G and FortiGate 40F. Each EPD is grounded in a Life Cycle Assessment and verified under PCR 2024:06, delivering standardized, auditable environmental data to support procurement, regulatory reporting, and Scope 3 transparency.
read more →

Fortinet issues emergency hotfix for FortiClient EMS

🚨 Fortinet has released an emergency hotfix for FortiClient EMS to address a critical authentication-bypass vulnerability tracked as CVE-2026-35616 that permits unauthenticated remote code execution. The flaw carries a CVSS score of 9.1 and affects on-premises EMS versions 7.4.5 and 7.4.6; FortiClient Cloud and FortiSASE were patched server-side and a full fix is planned for 7.4.7. Organizations should apply the hotfix to EMS Linux servers, audit API logs and recent configuration changes, and restore or rebuild instances if compromise is suspected.
read more →

Fortinet issues emergency FortiClient EMS patch now

🔐 Fortinet has released an emergency hotfix for FortiClient Enterprise Management Server (EMS) to address a critical improper access control flaw tracked as CVE-2026-35616 (CVSS 9.1) that is being exploited in the wild. The vendor said the interim hotfix for EMS 7.4.5 and 7.4.6 fully prevents the issue and that a permanent fix will be included in 7.4.7. Security vendor Defused also reported a separate critical SQL injection, CVE-2026-21643 (CVSS 9.8), with active exploit activity; customers were urged to upgrade to 7.4.5 or later or at minimum disconnect the administrative web interface from the internet.
read more →

CISA Orders Feds to Patch Fortinet EMS Zero-Day Urgently

⚠️ CISA has ordered federal agencies to patch FortiClient EMS instances by April 9 after the discovery of CVE-2026-35616, a pre-authentication API access bypass. Fortinet released emergency hotfixes and said unauthenticated attackers can execute code via specially crafted requests. Administrators are urged to apply hotfixes or upgrade to 7.4.7 immediately to mitigate active exploitation.
read more →

FortiOS 8.0: Unified Security for AI and Quantum Era

🔒 FortiOS 8.0 delivers a unified operating system to simplify security and networking across hybrid, multi-cloud, and IT/OT environments. The release consolidates controls through the Fortinet Security Fabric and adds features such as SASE Outpost, Sovereign SASE, unified SD‑WAN, and multipath IPsec for resilient connectivity. It also extends OT support and compliance with standards like NERC CIP and IEC 62443. Key risk-focused updates include MCP observability, image OCR in FortiGuard DLP, agentic AI automation, and FIPS 204/205 hybrid cryptography to mitigate quantum risk.
read more →

CISA Adds New KEV Entry for Fortinet FortiClient EMS

⚠ CISA has added one vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog: CVE-2026-35616, an Improper Access Control flaw affecting Fortinet FortiClient EMS. The agency reports evidence of active exploitation and highlights that this vulnerability class is a common attack vector posing significant risks to the federal enterprise. Under BOD 22-01, Federal Civilian Executive Branch agencies must remediate KEV items by their due dates, and CISA urges all organizations to prioritize timely remediation.
read more →

Emergency Patch for FortiClient EMS Zero-Day Exploit

⚠️ Fortinet released an emergency weekend hotfix to address a critical pre-authentication flaw in FortiClient EMS (CVE-2026-35616) that is being actively exploited in the wild. The improper access control defect allows unauthenticated attackers to execute commands via specially crafted API requests and affects versions 7.4.5 and 7.4.6. Fortinet urges immediate installation of the hotfixes or upgrading to 7.4.7 when available. Shadowserver reports over 2,000 exposed EMS instances, primarily in the US and Germany.
read more →

Fortinet issues hotfix for actively exploited FortiClient EMS

🔧 Fortinet has released an out‑of‑band hotfix for a critical pre‑authentication API access bypass in FortiClient EMS (CVE-2026-35616, CVSS 9.1) that has been observed exploited in the wild. The flaw allows unauthenticated attackers to bypass API authentication and authorization protections and execute commands on affected systems, impacting versions 7.4.5–7.4.6. Fortinet urges immediate installation of the hotfix and says a full remediation will be included in 7.4.7.
read more →

Securing Physical Systems as OT Comes Online in IT Era

🔒 Operational technology (OT) is rapidly moving online, creating new cyber-physical risks as industrial control systems connect to corporate IT. In a Fortinet Brass Tacks podcast, KPMG’s Hossain Alshedoki explains how visibility, culture, and measured extension of IT controls into OT are essential. He stresses resilience over replication of IT models, and prioritizes asset discovery before automation.
read more →

AI Is Changing App Threats Faster Than Teams Can Adapt

🔒 AI-driven changes in web applications and APIs are outpacing traditional controls, creating large visibility and detection gaps. The 2026 Web Application Security Report, based on a global survey of over 800 security professionals, finds only 29% confidence in overall application security and just 15% for AI-integrated apps. FortiAppSec Cloud is presented as an integrated platform combining WAF, API protection, bot mitigation, and application security services to provide shared telemetry and consistent enforcement across dynamic, service-generated traffic.
read more →

Fortinet Training Institute Announces 2026 ATC Award Winners

📣 Fortinet announced the winners of the 2026 Training Institute Authorized Training Center (ATC) Awards, recognizing partners that excel in delivering NSE certification and hands-on cybersecurity education across more than 150 countries. The awards highlight regional and categorical leaders — from Partner of the Year to Certified Trainer of the Year — for measurable impact in skills development. Fortinet emphasized that structured, role-based training is a core security control as organizations expand teams, mandate certifications, and adapt to AI-influenced threats.
read more →

Critical SQL Injection in Fortinet EMS Actively Exploited

⚠️ A critical SQL injection, CVE-2026-21643, is being actively exploited against FortiClient EMS, allowing unauthenticated attackers to execute arbitrary SQL via crafted HTTP requests. The flaw affects EMS 7.4.4 when multi-tenant mode is enabled; Fortinet released 7.4.5 to remediate. Researchers note the endpoint returns database error messages and lacks lockout protections, enabling rapid data extraction and credential theft. Administrators should patch immediately, remove internet exposure, and inspect HTTP headers for anomalous SQL.
read more →

Critical FortiClient EMS SQL Injection Now Exploited

🔴 Threat intelligence firm Defused reports active exploitation of a critical SQL injection in Fortinet FortiClient EMS, tracked as CVE-2026-21643. The vulnerability lets unauthenticated attackers inject SQL via the HTTP 'Site' header to the EMS web GUI, enabling arbitrary code or command execution on unpatched systems. Fortinet fixed the issue in 7.4.5; administrators must upgrade immediately and block public access to EMS interfaces. Defused observed first exploitation four days after discovery and Shodan/Shadowserver data indicate many publicly exposed instances.
read more →

Cybersecurity, AI, and Sovereignty: Next for Infrastructure

🔐 At the World Economic Forum’s Industry Strategy Meeting in Munich, leaders explored how rapid AI deployment and rising data sovereignty pressures are reshaping digital infrastructure and investment. The piece argues that cybersecurity must be embedded from day zero to enable trusted data exchange, interoperability between sovereign systems, and secure distributed AI. It highlights the shift from large general models toward specialized, context-aware architectures and notes Fortinet’s role in public-private collaboration to operationalize secure systems.
read more →

ThreatsDay: FortiGate RaaS, Citrix Exploits & Phish

🔔 ThreatsDay Bulletin highlights a wave of pragmatic, stealthy intrusions and abuse of lingering edge vulnerabilities. Notable findings include a nascent RaaS named The Gentlemen exploiting CVE-2024-55591 against FortiGate, a chained pre-auth RCE in BMC FootPrints, and active campaigns targeting Citrix NetScaler. The briefing underscores how small, well-crafted techniques— from deep-link MCP abuse to Teams phishing—are enabling remote access and data theft.
read more →