< ciso brief />

All news with #fortinet tag

189 articles · page 8 of 10

FortiWeb Path Traversal Flaw Allows Admin Account Creation

⚠️ A path traversal vulnerability in Fortinet FortiWeb appliances is being actively exploited to create local administrative users without authentication. Researchers from Defused and PwnDefend described requests targeting the /api/v2.0/cmdb/system/admin%3f/../../../../../cgi-bin/fwbcgi endpoint that inject admin accounts. Rapid7 and others confirm versions 8.0.1 and earlier are affected, while 8.0.2 is believed to contain the fix. Administrators are urged to update immediately, review logs for fwbcgi access, and search for unexpected admin accounts.

Fortinet Named Google Unified Security Recommended Partner

🔒 Fortinet has been named the inaugural Google Unified Security Recommended partner for network protection, recognizing FortiSASE and FortiGate NGFW running natively on Google Cloud. The collaboration delivers a cloud-native SASE that unifies networking and security with global PoPs on Google’s private backbone, centralized policy and telemetry via FortiManager, and AI-enhanced threat protection from FortiGuard Labs. Customers can deploy through Google Cloud Marketplace and expect lower TCO through a consolidated architecture and simplified operations.

Fortinet Named Google Unified Security Recommended Partner

🔒 Fortinet has been named the inaugural Google Unified Security Recommended partner for network protection, integrating FortiSASE and the FortiGate NGFW to run natively on Google Cloud. The integration delivers unified policy and shared telemetry with Google Security Operations, combining FortiGuard Labs and Google threat intelligence for AI-driven detection and response. Customers gain consolidated management, improved performance via Google’s backbone, and simplified procurement through the Google Cloud Marketplace.

Google Announces Unified Security Recommended Program

🔒 Google Cloud is launching the Google Unified Security Recommended program to validate deep integrations between its security portfolio and third-party vendors. Inaugural partners CrowdStrike, Fortinet, and Wiz bring endpoint, network, and multicloud CNAPP capabilities into Google Security Operations. Partners commit to cross-product technical integration, a collaborative support model, and investment in AI initiatives such as the model context protocol (MCP). Qualified solutions will be available via Google Cloud Marketplace for simplified procurement and consolidated billing.

Fortinet Earns Gartner Customers’ Choice for SSE — 3rd Year

🏆 Fortinet has been named a Gartner Peer Insights Customers’ Choice for Security Service Edge (SSE) for the third consecutive year and is the only cybersecurity vendor to receive this recognition in the SSE market. Based on 195 verified end-user reviews as of August 2025, Fortinet achieved a 4.9/5 overall rating, 90% five-star reviews and 100% willingness to recommend. FortiSASE is highlighted for delivering unified, AI-powered cloud security backed by 170+ POPs, a single unified agent and deployment flexibility that aims to reduce operational overhead. Fortinet frames the recognition as validation of customer trust and its focus on simplifying secure hybrid work.

Fortinet Wins Red Dot Award for FortiGate Rugged Series

🏆 Fortinet’s FortiGate Rugged series (FGR-50G-5G and FGR-70G-5G) earned the Red Dot Product Design Award for its fanless industrial design, integrated 5G, and purpose-built ASIC performance. Engineered for OT and critical infrastructure, the appliances combine thermal resilience, shock and moisture protection, and low-latency security functions including next-generation firewalling, SD-WAN, VPN, and AI-driven threat detection. The recognition underscores Fortinet’s focus on precision engineering and durable, field-ready security.

Stolen Credentials and Remote Access Abuse in 2025

🔒 FortiGuard Incident Response observed that in H1 2025 financially motivated actors frequently used stolen credentials and legitimate remote-access software to gain and extend access across environments. Adversaries relied on compromised VPN logins, password reuse, or purchased credentials, deploying tools like AnyDesk, Splashtop, Atera and ScreenConnect to move laterally and exfiltrate data manually. These intrusions often bypass endpoint-focused defenses because activity mimics normal user behavior, so FortiGuard emphasizes identity- and behavior-driven detection, broad MFA enforcement, and monitoring of remote access tooling.

Fortinet Recognized by Crime Stoppers for Cyber Leadership

🏆 Fortinet received two 2025 Crime Stoppers International awards—the Cybersecurity Leadership Award and the Corporate Leadership in Crime Prevention Award—for its global efforts to disrupt cybercrime through intelligence sharing, partnership, and workforce development. FortiGuard Labs and the Fortinet Training Institute are cited for delivering actionable threat intelligence and scalable education. The honors validate more than a decade of sustained public‑private collaboration and data‑driven prevention.

AI Literacy Is Critical for Cybersecurity Readiness

🔒 Artificial intelligence is reshaping cybersecurity, creating both enhanced defensive capabilities and new risks that require broad AI literacy. The White House's America’s AI Action Plan and Fortinet’s 2025 Cybersecurity Global Skills Gap Report show strong adoption—97% of organizations use or plan AI in security—yet 48% cite lack of staff expertise as a major barrier. Fortinet recommends targeted training, policies for generative AI use, and its Security Awareness modules to help close the gap and reduce threat exposure.

Fortinet Expands Unified SASE with Global POPs and AI

🚀 Fortinet announced enhancements to Fortinet Unified SASE, expanding its global footprint to over 170 points of presence and embedding AI-powered operations. FortiAI-Assist automates diagnostics and remediation to accelerate mean time to resolution, while an agentless Secure Browser and SaaS Security Posture Management extend DLP and compliance controls across 80+ SaaS apps. These updates aim to boost performance, simplify operations, and strengthen data protection for distributed workforces.

Building Data Security from the Inside Out: Hybrid Focus

🛡️ Cybersecurity Awareness Month underscores that protecting organizational data requires attention to internal handling as well as external threats. Fortinet’s 2025 Insider Risk Report found 77% of organizations experienced insider-related data loss in the past 18 months, with nearly half of incidents tied to simple negligence. The report highlights mounting GenAI concerns and recommends a layered approach combining visibility, behavioral analytics, and real-time coaching to prevent accidental and malicious loss.

Fortinet Publishes First EPD for FortiGate-40F NGFW

🌱 Fortinet has published the industry’s first Environmental Product Declaration (EPD) for the FortiGate-40F Next-Generation Firewall, verified under the new PCR 2024:06. The EPD is based on an independent Life Cycle Assessment and discloses lifecycle impacts—carbon, energy, water, materials, and waste—providing procurement teams with standardized, third-party-validated data. Fortinet views this as an initial step and plans to extend EPD coverage across additional models to support compliance, decarbonization, and sustainable procurement.

Legacy Flaws in Network Edge Devices Threaten Orgs Today

🔒 Enterprises' network edge devices — firewalls, VPNs, routers, and email gateways — are increasingly being exploited through longstanding 1990s‑era flaws such as buffer overflows and command and SQL injection. Researchers tracked dozens of zero‑day exploits in 2024, continuing into 2025, that affected vendors including Fortinet, Palo Alto Networks, Cisco, Ivanti, and others. These appliances are attractive targets because they are remotely accessible, often lack endpoint protections and centralized logging, and hold privileged credentials, making them common initial access vectors for state‑affiliated actors and ransomware groups.

Fortinet Advances Global Cyber Resilience at AMC25

🔒 Fortinet participated in the World Economic Forum’s Annual Meeting on Cybersecurity (AMC25) in Dubai, engaging government, industry, and civil leaders to advance global cyber resilience. Fortinet executives Dr. Carl Windsor and Derek Manky led sessions on public‑private collaboration, frameworks for scaling disruption, and the role of the Cybercrime Atlas in enabling coordinated action. They highlighted recent coordinated operations and impact reported in the 2025 Cybercrime Atlas: Impact Report, emphasizing that aligning policy, governance, and technical intelligence is essential to protect supply chains, AI systems, and critical infrastructure.

Tracking HoldingHands Malware Expansion Across Asia

🔍 FortiGuard Labs observed a January 2025 campaign that began with Winos 4.0 infections in Taiwan and evolved into a cross‑regional HoldingHands operation affecting China, Taiwan, Japan, and Malaysia. The actor uses phishing PDFs, cloud-hosted and bespoke domains, and multi-stage loaders that leverage Windows Task Scheduler to evade detection. Shared infrastructure, reused code (including digital signatures and debug paths), and repeated JavaScript download scripts link disparate samples, and Fortinet provides detections, IOCs, and mitigation guidance.

Fortinet Named Challenger in 2025 Gartner SIEM Magic Quadrant

🛡️ Fortinet announced that FortiSIEM was named a Challenger in the 2025 Gartner Magic Quadrant for SIEM, marking the vendor's eighth consecutive inclusion. FortiSIEM centralizes IT/OT event collection and combines advanced detection analytics, a CMDB, built-in SOAR automation and FortiAI-Assist GenAI to accelerate detection, investigation and response. Fortinet also notes that FortiSIEM 7.4, released in May 2025 after Gartner’s evaluation, adds federated search, expanded dashboards and enhanced analyst guidance to further improve SOC efficiency.

Fortinet Strengthens Global Cybercrime Collaboration

🔒 Fortinet underscores its leadership within the World Economic Forum’s Cybercrime Atlas, promoting cross-sector intelligence sharing and coordinated disruption to combat cybercriminal networks. The 2025 Impact Report, released ahead of the WEF Annual Meeting on Cybersecurity 2025, details operational support for INTERPOL-led Operations Serengeti and Serengeti 2.0 and quantifies arrests, takedowns, and recovered illicit funds. Fortinet stresses the need for accountability at scale and continued expansion of collaborative capacity-building.

Stealit Infostealer Campaign Deploys via Fake VPN Apps

🛡️ FortiGuard Labs has identified a campaign distributing the Stealit infostealer via disguised game and VPN installers shared on file‑hosting sites and platforms like Discord. Attackers use Node.js Single Executable Apps (SEA) and PyInstaller bundles, heavy obfuscation and multiple anti‑analysis techniques to avoid detection. Once executed, Stealit harvests data from browsers, game clients, messaging apps and cryptocurrency wallets, and its operators rotate C2 domains while marketing the toolkit commercially.

Stealit Malware Uses Node.js SEA, Electron for Delivery

⚠️ Fortinet FortiGuard Labs has detailed an active campaign dubbed Stealit that uses Node.js Single Executable Application (SEA) packaging—and in some builds, the Electron framework—to deliver credential-stealing and remote-access payloads. Operators distribute counterfeit game and VPN installers via file-hosting sites and messaging platforms, which drop three primary executables that perform browser and messenger data theft, wallet extraction, and persistence with live screen streaming. Installers run anti-analysis checks, write a Base64 authentication key to %temp%\cache.json for C2 authentication, and configure Microsoft Defender exclusions to conceal downloaded components.

Stealit Campaign Abuses Node.js Single Executable Packaging

🔍 FortiGuard Labs identified an active Stealit campaign that distributes malware packaged with Node.js Single Executable Application (SEA) technology to create standalone Windows binaries. Operators deliver fake game and VPN installers via file-sharing sites and Discord, using multi-layer obfuscation and in-memory execution. The modular payloads harvest browser data, extension-based crypto wallets, and provide remote access, with persistence via a startup Visual Basic script. Fortinet provides detections and recommends updating protections and user training.