home.social

#fortigate — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #fortigate, aggregated by home.social.

  1. CyberStrikeAI used in 600+ FortiGate intrusions across 55 countries.
    AI-driven exploit orchestration + 100+ integrated tools.
    21 IPs tied to China-based infra.
    Patch FortiGate immediately.

    Full report:
    technadu.com/cyberstrikeai-dep

    #InfoSec #AIThreats #FortiGate

  5. Bleeping Computer: Amazon: AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks. “Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks. A new report by CJ Moses, CISO of Amazon Integrated Security, says that the hacking campaign occurred between […]

    https://rbfirehose.com/2026/02/28/amazon-ai-assisted-hacker-breached-600-fortinet-firewalls-in-5-weeks-bleeping-computer/

  6. THREAT MODEL: CYBERSECURITY
    for Feb. 24th, 2026
    by independent journalist @violetblue

    - People across the US are destroying #Flock cameras

    - #Discord ’s “new” ID check tool was on a US government server

    - #Arizona and #Colorado want ID scanning for all computer and phone use

    - @wikipedia banned #ArchiveToday for DDoS attacks

    - Some rando used #AI to hack #FortiGate

    - @financialtimes unmasked a Russian oil smuggling ring (from Kremlin-controlled Rosneft) through the ring’s use of a single email server

    - Another major #AotearoaNewZealand health app breach

    - #TimCurry reveals Clue’s secret ending

    - BBC/BAFTA leave N-word intact on tape delay

    ...and much more.

    ✨ THREAT MODEL is free to read -- please help keep it accessible to all by becoming a patron, even $1 a month makes a difference! ✨

    patreon.com/posts/cybersecurit

    #ThreatModel #ThreatModelCybersecurity #ThreatModelNewsletters #VioletBlue #infosec #cybersec #CovidIsNotOver

  8. The categorization of the Fortinet web filter is hilarious. I got a report that a certain website is incorrectly blocked by our firewall. After looking into it, the specific website belongs to a large organization.

    Different organizational levels of this large organization are categorized as:

    • Political organization (federal level)
    • General organization (state level)
    • Advocacy organization (local level), giving it an R age rating (18+)

    The “correct” classification should be either general organization or simply “business”.

    This is wrong on many levels. Why are advocacy groups blocked by default? Why do they have an R rating (because politics is only for adults? But then why only advocacy groups and not political organizations?).

    #fortinet #fortigate #fortiguard

  12. AI CRACKS 600 FIREWALLS, STOCK MARKETS FALL AND ODIDO ESCALATES

    A Russian hacker used AI to hack 600+ FortiGate firewalls. Claude Code Security sent stock markets tumbling. 30,000+ OpenClaw instances compromised. Odido customers: check your bank account.

    ccinfo.nl/journaal/3025262_ai-

    #Cyberjournaal #ccinfo #FortiGate #AI #OpenClaw #SANDWORMMODE #Odido #cybersecurity #Nederland #Belgie

  13. 📢⚠️ 🤖 #Amazon Threat Intel says a low-skill hacker used commercial AI tools to breach hundreds of #FortiGate devices worldwide, showing how automation is lowering the barrier for large-scale cyberattacks.

    Read more: hackread.com/amazon-hacker-ai-

    #CyberSecurity #AI #CyberAttack #CyberCrime #Automation

  14. fortiguard.com/psirt/FG-IR-25-

    FortiGate SSLVPN vuln CVE-2025-68686

    (Not) rated highly yet. However, I would promptly patch it (and quickly move away from SSL VPN, regardless of the vendor; instead use IKEv2 EAP-TLS or WireGuard). I think this one might rapidly elevate to an RCE.

    #infosec #fortigate #fortinet #sslvpn

  15. While I fully agree with the sentiment, I'd like to know _why_ my #Fortigate #firewall suddenly stops all users from loading office.com whenever any application filter profile is active on that network. This happens even if all filter rules are set to monitor or allow.

    The FW log doesn't show anything, but the browser seems to hang on handshake, so I'm wondering if it might be related to the current SSL vulnerability that I haven't yet read up on.

  16. Coordinated attack on a Polish combined heat and power plant: a winter alarm signal

    While the frost bites outside, has someone been clambering through your server room for nine months? At one Polish combined heat and power plant, yes.

    Read more:
    pressmind.org/skoordynowany-at

    #PressMindLabs #certpolska #edr #fortigate #oze #statictundra

  17. 📢 CERT Polska reveals coordinated destructive attacks against energy and industry in Poland
    📝 According to CERT Polska (CSIRT NASK), a set of purely destructive attacks targeted, on 29 December 2025...
    📖 cyberveille: cyberveille.ch/posts/2026-01-3
    🌐 source: cert.pl/en/posts/2026/01/incid
    #FortiGate #ICS_OT #Cyberveille

  18. If you administer FortiGate/FortiOS: admins are reporting a bypass of the patch for the critical vulnerability CVE-2025-59718 (FortiCloud SSO fortiguard.fortinet.com/psirt/ ) → compromise possible even on “patched” firewalls (e.g. 7.4.9/7.4.10).

    ( reddit.com/r/fortinet/comments )

    Prereq: “Allow administrative login using FortiCloud SSO” enabled (often after FortiCare registration).

    Mitigation: disable admin-forticloud-sso-login + restrict admin access + check logs/new accounts.

    Exploit chain: CVE-2025-59718 (+ CVE-2025-59719 on the FortiWeb side) ➡️ forged SAML messages sent ➡️ signature verification bypass ➡️ unauthorized admin access.

    [References]
    "Fortinet admins report patched FortiGate firewalls getting hacked"
    👇
    bleepingcomputer.com/news/secu

    ( cyberveille.ch/posts/2026-01-2)

    💬
    ⬇️
    infosec.pub/post/40878137

    #CyberVeille #Fortinet #FortiGate #FortiOS #CVE_2025_59718

  19. Just some network porn for evening 😎 #juniper and #fortigate plus some #lenovo.

  20. fortiguard.com/psirt/FG-IR-25- CVE-2025-25249

    A heap-based buffer overflow vuln in FortiOS cw_acd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands

    Always use FortiGate local-in-policies on all interfaces for hardening.

    #infosec #fortinet #fortigate #hardening

  21. Use proprietary #itsecurity, they said. It'll be secure, they said.

    borncity.com/blog/2025/09/26/c

    Almost weekly, some systems integrator or other comes knocking at my company with #itsecurity. As soon as #cisco, #fortigate, #sophos or #watchguard are mentioned, the conversation is over. These people have understood nothing; it simply isn't enough to nail a nice appliance with a blue padlock on the packaging into the server rack!

  22. Can anyone help me with installing #Fortigate #FortiClient #SSLVPN on #Ubuntu 24 LTS? The client runs and the config is clear too, but the only message I get when connecting is "Login canceled".

  23. Critical 0day bug in Fortigate. It is being exploited; attackers are taking over VPN access at companies.

    The vulnerability allows full takeover of the device from the Internet, i.e. gaining super-admin privileges. The vulnerability is being exploited in real attacks, most likely since around December 2024. It is not known exactly which group is responsible for the attacks. As part of the attacks, operations such as the following are performed: Vulnerable are FortiOS (7.0.0 to 7.0.16) and FortiProxy (7.0.x line...

    #WBiegu #0Day #AuthBypass #AuthenticationBypass #Fortigate #VPN

    sekurak.pl/krytyczny-blad-0day

  24. #Fortinet have dropped 29 security updates today, 14 of which are rated "high" or "critical". Have fun everyone. (Fortunately, only one 'low' affects our stuff but FFS, come on)

    fortiguard.com/psirt

    #fortios #fortifail #fortigate

  25. Assetnote has published a detailed analysis of February's RCE vulnerability (CVE-2024-21762) in FortiGate's SSL VPN components

    Patch Diffing ➡️ Crash ➡️ Exploit
    👇
    assetnote.io/resources/researc

    PoCs are now available on Github
    ➡️ h4x0r-dz/CVE-2024-21762

    (mass exploitation on the internet under way)

    #CyberVeille #Fortigate #CVE_2024_21762

  30. Implementing LDAP over SSL (#LDAPS) with #FortiGate devices is an essential solution for improving the security (#sicurezza) of identity management and access policies in the corporate network.

    ictpower.it/sicurezza/fortinet

  31. Super happy that #fortinet didn't wait until 10pm today to announce the new #fortigate vulnerability. I could actually spend the regular work day getting all our clients patched.
    Not that I didn't have enough other work to do.
    #cve_2024_21762