PSIRT Blogs

PSIRT

Analysis of Single Sign-On Abuse on FortiOS

Fortinet is proactively communicating to customers to share analysis regarding single sign-on (SSO) abuse on FortiOS.

By Carl Windsor January 22, 2026

Product Security Advisory and Analysis: Observed Abuse of FG-IR-19-283

This blog analysis describes the observed abuse and provides additional context so that administrators can confirm that they are not impacted, along with guidance based on Fortinet observations to prevent FG-IR-19-283 from being exploited.

By Carl Windsor December 24, 2025

Analysis of Threat Actor Activity

Fortinet diligently balances our commitment to the security of our customers and our culture of responsible transparency and commits to sharing information with that goal in mind. While efforts by threat actors to exploit known vulnerabilities are not new, recent Fortinet investigations have discovered a post-exploitation technique used by a threat actor. This blog offers analysis of that finding to help our customers make informed decisions.

By Carl Windsor April 10, 2025

Advancing Responsible Disclosure Efforts: A Q&A with Michael Daniel of Cyber Threat Alliance

The Cyber Threat Alliance introduced its Responsible Vulnerability Communication Policy, laying out guidelines for responsibly handling disclosed vulnerabilities in any product or system in a way that optimizes secure outcomes. Fortinet proudly supports CTA’s adoption of this policy as part of our ongoing commitment to advancing transparent and responsible vulnerability disclosure to help better protect customers and build trust across the industry.

By Fortinet March 11, 2025

Analysis of Threat Actor Data Posting

This blog analysis regarding a recent threat actor posting, which claims to offer compromised configuration and VPN credentials from FortiGate devices, provides factual information to help our customers better understand the situation and make informed decisions.

By Carl Windsor January 16, 2025

Proactive, Responsible Disclosure Is One Crucial Way Fortinet Strengthens Customer Security

The cybersecurity industry continues to grow and mature. As a part of this process, we must collectively raise the topic of—and discuss the need for—ethical rules for handling the disclosure of vulnerabilities, especially given the many benefits of providing such intelligence in protecting customers against cyber adversaries.

By Carl Windsor May 03, 2024

The Importance of Patching: An Analysis of the Exploitation of N-Day Vulnerabilities

An analysis of the exploitation of resolved N-Day Fortinet vulnerabilities by an unknown actor.

Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign

Today, Fortinet published a CVSS Critical PSIRT Advisory (FG-IR-23-097 / CVE-2023-27997) along with several other SSL-VPN related fixes. This blog adds context to that advisory, providing our customers with additional details to help them make informed, risk-based decisions, and provides our perspective relative to recent events involving malicious actor activity.

By Carl Windsor June 12, 2023

Analysis of FG-IR-22-369

A follow-up write-up that details Fortinet's investigation into the incident that led to the discovery of FG-IR-22-369 and additional IoCs identified during our ongoing analysis.

By Guillaume Lovet and Alex Kong March 09, 2023

Perspectives: FortiNAC and CVE-2022-39952

Fortinet published a Critical Advisory (FG-IR-22-300 / CVE-2022-39952) for FortiNAC on February 16, 2023. This article adds perspective to that Advisory to provide customers with additional and accurate details.

By Carl Windsor February 23, 2023