TechRadar

Deploying Fortinet VPN with default settings can leave your organization open to attack

Over 200,000 businesses that have deployed Fortinet VPN with its default configuration could be vulnerable to man-in-the-middle (MitM) attacks according to new research from the network security ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
The Hacker News

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication in specific LDAP setups.
Queen Mary University of London

Using the VPN Provisioning Tunnel

When you first get your machine, you are required to log into the provisioning portal at the Windows login prompt. This is done by: Selecting Sign in options at the ...
heise online

Unknown group releases Fortinet config files and VPN passwords to the darknet

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...
Geekzone

Is anyone using Forticlient VPN with Microsoft MFA?

I have this configured to VPN into on-prem network with Fortigate talking to RADIUS, which in turn talks to Azure. It works perfectly for push notifications to the Authenticator app, you just approve ...