Fortinet is proactively communicating to customers to share analysis regarding single sign-on (SSO) abuse on FortiOS. This article has been indexed from PSIRT Blog Read the original article: Analysis of Single Sign-On Abuse on FortiOS
Tag: PSIRT Blog
Analysis of Single Sign On (SSO) abuse on FortiOS
Fortinet is proactively communicating to customers regarding a recently distributed PSIRT advisory (FG-IR-25-647) that the Fortinet Product Security team had internally discovered during a code audit and offered detailed mitigation guidance. This blog provides further analysis to customers regarding a…
Product Security Advisory and Analysis: Observed Abuse of FG-IR-19-283
This blog analysis describes the observed abuse and provides additional context so that administrators can confirm that they are not impacted and guidance based on Fortinet observations to prevent FG-IR-19-283 from being exploited. This article has been indexed from…
Analysis of Threat Actor Activity
Fortinet diligently balances our commitment to the security of our customers and our culture of responsible transparency and commits to sharing information with that goal in mind. While efforts by threat actors to exploit known vulnerabilities are not new, recent…
Advancing Responsible Disclosure Efforts: A Q&A with Michael Daniel of Cyber Threat Alliance
The Cyber Threat Alliance introduced its Responsible Vulnerability Communication Policy, laying out guidelines for responsibly handling disclosed vulnerabilities in any product or system in a way that optimizes secure outcomes. Fortinet proudly supports CTA’s adoption of this policy as part…
Analysis of Threat Actor Data Posting
This blog analysis regarding a recent threat actor posting, which claims to offer compromised configuration and VPN credentials from FortiGate devices, provides factual information to help our customers better understand the situation and make informed decisions. This article has…
Proactive, Responsible Disclosure Is One Crucial Way Fortinet Strengthens Customer Security
The cybersecurity industry continues to grow and mature. As a part of this process, we must collectively raise the topic of—and discuss the need for—ethical rules for handling the disclosure of vulnerabilities, especially given the many benefits of providing such…
Proactive Responsible Disclosure is One Crucial Way Fortinet Strengthens Customer Security
The cybersecurity industry continues to grow and mature. As a part of this process, we must collectively raise the topic of—and discuss the need for—ethical rules for handling the disclosure of vulnerabilities, especially given the many benefits of providing such…
The Importance of Patching: An Analysis of the Exploitation of N-Day Vulnerabilities
An analysis of the exploitation of resolved N-Day Fortinet vulnerabilities by an unknown actor. This article has been indexed from PSIRT Blog Read the original article: The Importance of Patching: An Analysis of the Exploitation of N-Day Vulnerabilities