zCat on Nostr: Fortinet VPN design flaw hides successful brute-force attacks A design flaw in the ...
Fortinet VPN design flaw hides successful brute-force attacks
A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins.
Although the brute-force attack is still visible, a new technique allows logging only failed attempts and not successful ones, generating a false sense of security.
See more: https://www.bleepingcomputer.com/news/security/fortinet-vpn-design-flaw-hides-successful-brute-force-attacks/
#cybersecurity #fortinet
A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins.
Although the brute-force attack is still visible, a new technique allows logging only failed attempts and not successful ones, generating a false sense of security.
See more: https://www.bleepingcomputer.com/news/security/fortinet-vpn-design-flaw-hides-successful-brute-force-attacks/
#cybersecurity #fortinet