< ciso
brief />
Tag Banner

All news with #fortinet tag

220 articles · page 7 of 11

Empowering Latinas in Cybersecurity through Training

🔒 Fortinet's Education Outreach program partners with Latinas in Cyber (LAIC) to increase representation of Latina women in cybersecurity through mentorship, practical training, and career pathways. Participants report that Fortinet's self-paced coursework and hands-on labs built technical confidence and clarified real-world security roles. Complimentary exam vouchers enabled candidates to pursue Fortinet certifications aligned with employer needs, helping translate training into tangible opportunities and career advancement.
read more →

Celebrating Fortinet's 2026 Customer Excellence Winners

🎉 Fortinet announced its 2026 Customer Excellence Award winners, recognizing organizations that have embedded security into core business strategy and delivered measurable outcomes. Awardees include Monolithic Power Systems, Wendy’s, Group 1 Automotive, Marvell Technologies, and Thames Water, showcasing advances in Secure SD‑WAN, OT protection, and security automation. The program highlights how the Fortinet Security Fabric enables consolidation, scalability, and operational resilience across industries.
read more →

FortiSIEM phMonitor Command Injection: CVE-2025-64155

⚠️ A critical command injection vulnerability in Fortinet FortiSIEM (phMonitor, tracked as CVE-2025-64155) enables unauthenticated attackers to inject commands and write files that are executed as the root user. Exploit code was disclosed publicly after a responsible disclosure to Fortinet in August 2025, and researchers warn the flaw may have allowed remote root access for nearly three years. Fortinet has released patched builds and advises restricting access to TCP port 7900 and applying updates immediately.
read more →

Exploit Published for Critical FortiSIEM Command Injection

🔓 A critical FortiSIEM vulnerability, tracked as CVE-2025-25256, enables remote unauthenticated attackers to execute arbitrary commands by invoking exposed phMonitor handlers. Horizon3.ai disclosed technical details and published a demonstrative exploit after Fortinet issued patches across supported branches. The flaw combines arbitrary write with privilege escalation to root and affects a range of FortiSIEM releases; Fortinet advises applying the supplied updates or restricting access to the phMonitor port (7900) as a temporary mitigation.
read more →

Fortinet Fixes Critical FortiSIEM Remote Code Flaw

🔒 Fortinet issued patches for a critical FortiSIEM vulnerability (CVE-2025-64155, CVSS 9.4) that permits unauthenticated OS command injection and remote code execution via the phMonitor service on TCP port 7900. The flaw enables argument injection leading to arbitrary file writes as admin and a cron-triggered escalation to root. Affected releases span 6.7–7.4 with fixed builds; 7.5 and FortiSIEM Cloud are not impacted. Apply vendor updates or restrict access to port 7900 as a temporary mitigation.
read more →

The Year of Resilience: What 2026 Requires of CISOs

🔒 Fortinet CISO Carl Windsor argues that 2026 will demand resilience as the central organizing principle for security as AI accelerates both innovation and risk. CISOs must act as de facto chief resilience officers, embedding continuity into AI-augmented operations and assuming AI-enabled failures will occur. He outlines five strategic priorities—business continuity, AI governance, hardened identity, cross‑functional collaboration, and continual adaptation—to contain and absorb disruption.
read more →

Fortinet NSE Training Now Eligible for ISC2 CPE Credits

🔒 Fortinet has joined the ISC2 CPE Submitter program, enabling many Fortinet Training Institute offerings to count as continuing professional education (CPE) credits toward CISSP maintenance. Qualifying activities include NSE certification courses, Fast Tracks, webinars, and other online or in-person sessions; ISC2 recognizes one hour of Fortinet instruction as one CPE credit, up to eight credits per day. Participants must log in to their ISC2 portal and submit the Fortinet course name, duration, and completion date to claim credits.
read more →

Thousands of FortiGate Firewalls Still Exposed to 2020 Flaw

🔒 Bleeping Computer reports that attackers are actively exploiting an older FortiOS vulnerability, CVE-2020-12812, which can bypass two-factor authentication. Although Fortinet issued a patch in July 2020, researchers say at least 10,000 FortiGate firewalls remain unpatched. Administrators are urged to install the latest updates immediately to mitigate account access risks. Additional measures include restricting administrative access, rotating credentials, and monitoring logs for suspicious activity.
read more →

10,000+ Fortinet Firewalls Exposed to 2FA Bypass Worldwide

⚠ Administrators continue to find more than 10,000 internet-exposed Fortinet firewalls vulnerable to an active two-factor authentication bypass (CVE-2020-12812) that was patched in July 2020. The flaw in FortiOS SSL VPN permits login without a second factor when username case is altered; Fortinet advised disabling username case sensitivity as a mitigation. Shadowserver reports over 1,300 affected IPs in the U.S. — network owners should patch, apply mitigations, and audit LDAP-dependent management interfaces immediately.
read more →

Infosecurity Top 10: Key Cybersecurity Stories of 2025

🔒 Cybersecurity in 2025 was defined by high-profile breaches, weaponized AI and renewed focus on supply-chain and vulnerability management. Major events included vendor withdrawals from MITRE ATT&CK evaluations, a large-scale IoT proxy network, a critical Fortinet zero-day in active exploitation, and the fast mitigation of an npm package compromise. New risks such as 'quishing', LLM-driven hallucination attacks and agentic AI guidance from OWASP also shaped the year.
read more →

Fortinet warns: 5-year-old FortiOS 2FA bypass exploited

🔒 Fortinet warns that attackers continue to exploit a critical FortiOS vulnerability (CVE-2020-12812) that can bypass two-factor authentication on FortiGate SSL VPNs by changing the case of the username. The issue affects configurations where local users requiring FortiToken are linked to LDAP groups and stems from inconsistent case-sensitive matching between local and remote authentication. Fortinet patched the bug in July 2020 and advised disabling username case sensitivity or removing secondary LDAP group fallbacks if patches cannot be deployed; the vendor reports ongoing abuse against appliances with LDAP configured.
read more →

SASE Certifications: Validating Converged Network Security

🔐 This article outlines seven certification programs from leading vendors that validate skills in converged, cloud-native Secure Access Service Edge (SASE) architectures. It summarizes entry to professional-level credentials from Cato Networks, Cisco, Fortinet, Netskope, Palo Alto Networks, Versa, and Zscaler, highlighting target audiences, exam formats, costs, and key competencies such as SD‑WAN, ZTNA, CASB and FWaaS. The piece also notes Gartner’s market projection and emphasizes that these credentials address a widening skills gap as enterprises migrate from perimeter-based defenses.
read more →

Fortinet: Active Exploitation of SSL VPN Auth Bypass

⚠️ Fortinet warned on December 24, 2025 that attackers are actively abusing a five‑year‑old FortiOS SSL VPN flaw, CVE-2020-12812 (CVSS 5.2), to bypass two‑factor authentication under specific configurations. The issue stems from inconsistent case sensitivity between FortiGate local users and LDAP directories: if a username's case does not exactly match the local entry, FortiGate may fall back to LDAP and accept credentials without 2FA. Fortinet reiterated prior patches and published configuration mitigations and commands to disable username case sensitivity, and advised customers to contact support and reset credentials if unauthorized 2FA bypass is detected.
read more →

Observed Abuse of FG-IR-19-283: LDAP Username Case Issue

🔐 Fortinet has observed active abuse of FG-IR-19-283 (CVE-2020-12812) in environments where FortiGate and LDAP username case handling differ. In these configurations, a username entered with any case variation that does not exactly match the local FortiGate entry can bypass local 2FA and instead authenticate via an LDAP group fallback. Administrators should enable the appropriate username sensitivity setting or remove unnecessary secondary LDAP groups to block this bypass.
read more →

Quantum Readiness Begins Now: Preparing Enterprise Security

🔐 Fortinet warns that "harvest-now, decrypt-later" attacks make long-term confidentiality vulnerable now and urges organizations to begin quantum readiness today. The company identifies four essential capabilities for enterprise-grade quantum-safe solutions: minimal performance impact, mandatory crypto-agility, adherence to standards, and deployment flexibility. Fortinet highlights hardware acceleration (NP7 ASICs) to preserve throughput, a required Hybrid Mode to combine classical and PQC key exchanges (e.g., DH + ML-KEM), NIST-approved PQC algorithms for interoperability, and optional QKD for highest-assurance links.
read more →

Weekly Recap - Firewall Exploits, AI Data Theft and More

⚡ Over the past week attackers exploited flaws in edge and network products from Fortinet, SonicWall, Cisco, and WatchGuard, targeting firewalls and appliances to gain deeper access. Browser extensions and Android TVs were abused for data theft and botnet recruitment. Campaigns by groups such as Ink Dragon, Kimsuky, and LongNosedGoblin deployed implants and innovative delivery chains, highlighting the urgent need for rapid patching, inventory verification, and tighter controls on trusted systems.
read more →

Over 25,000 FortiCloud SSO Devices Exposed Online

🔒 Shadowserver has identified more than 25,000 Fortinet devices online with FortiCloud SSO enabled, amid active exploitation of a critical authentication bypass (CVE-2025-59718/CVE-2025-59719). Researchers report attackers send malicious SAML messages to perform unauthorized SSO, gain admin-level access, and download system configuration files containing hashed credentials, exposed services, and network details. CISA added the flaw to its list of actively exploited vulnerabilities and ordered U.S. agencies to patch within a week; Fortinet notes FortiCloud SSO is only enabled after device registration, but many management interfaces remain publicly reachable.
read more →

CISA Adds WatchGuard Vulnerability to KEV Catalog List

🔔 CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog: CVE-2025-14733, an Out-of-Bounds Write vulnerability affecting WatchGuard Firebox. The agency says there is evidence of active exploitation and highlights that BOD 22-01 requires Federal Civilian Executive Branch agencies to remediate KEV entries by their due dates. CISA also urges all organizations to prioritize timely remediation to reduce exposure to active threats.
read more →

AI Is Reshaping Modern Cybercrime: Practitioner Findings

🔍 Fortinet and academic partners, including UC Berkeley’s CLTC and the Berkeley Risk and Security Lab, collaborated on global tabletop exercises and analysis to assess how AI is reshaping cybercrime. The Singapore TTX demonstrated that AI amplifies existing attack vectors—speeding reconnaissance, phishing, and malware development—while lowering barriers to entry and fostering criminal specialization. Defenders reported that governance, decision rights, and human judgment often mattered more than specific tools, underscoring the need for strong public-private collaboration and human oversight of AI-assisted detection.
read more →

AI Is Reshaping Modern Cybercrime: Key TTX Findings

🔎 Fortinet and UC Berkeley partners analyzed a Singapore tabletop exercise to assess how AI is reshaping cybercrime and defense. The practitioner perspective complements CLTC’s academic work and shows AI is amplifying existing attack vectors—speeding phishing, reconnaissance, code generation, and malware iteration—while lowering barriers to entry. The exercise highlighted that governance, human judgment, and cross-sector collaboration frequently determine response effectiveness more than specific tools.
read more →