#fortigate

#fortigate

AI Armor provides dynamic runtime security and relies on a central policy engine in the Universal Management Suite (UMS) to meet compliance requirements, ensuring that organizations can manage their security effectively.

"For healthcare, government, and contact center environments, reducing risk at the endpoint is essential. By aligning IGEL's immutable endpoint OS and Adaptive Secure Desktop™ with Windows 365 and Microsoft Azure Virtual Desktop, these reference architectures give organizations clear guidance for delivering secured and resilient digital workspaces."

I see a lot of people referring to Firewalla hardware as a firewall or security tool, and while that's correct, it also offers so much more. Think of the tech as having your very own personal network administrator, making even complex networking tasks as simple as flicking a virtual switch.

Cylake focuses on organizations that cannot store their security data and analyses in public cloud environments. According to the company, there is a growing group of organizations that need to maintain complete control over their data due to regulations, security requirements, or operational risks.

This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.

Over 600 Fortinet FortiGate firewall instances have been hacked in an AI-powered campaign that exploits exposed ports and weak credentials, AWS reports. The attacks, observed between January 11 and February 18, did not target known vulnerabilities. Instead, they focused on the exploitation of exposed device configurations across globally dispersed appliances. According to AWS, the campaign was carried out by an unsophisticated threat actor that relied on multiple commercial gen-AI services to implement known attack techniques.

Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-24858 (CVSS score: 9.4), has been described as an authentication bypass related to FortiOS single sign-on (SSO). The flaw also affects FortiManager and FortiAnalyzer. The company said it's continuing to investigate if other products, including FortiWeb and FortiSwitch Manager, are impacted by the flaw.

Those hoping for a reprieve following last week's patch pantomime are out of luck. After users reported successful compromises of FortiCloud SSO accounts, despite being patched against an earlier flaw, the vendor confirmed there was an alternate attack path. According to a security advisory published Tuesday, that alternate path was assigned a separate vulnerability identifier (CVE-2026-24858, CVSS 9.4), and the company disabled FortiCloud SSO connections made from vulnerable versions.

Stepping in at the top of the new family of four desktop appliances, the T185 comes in as the replacement for the T85, which is now no longer available for sale and will be retired at the end of 2030. Aimed at SMB and remote office environments with up to 100 users, the T185 delivers a persuasive performance boost as it dispenses with the 1.8GHz NXP LS1046A CPU in its predecessor and replaces it with a faster quad-core 2.2GHz Intel x7405C.

Research from Pentera Labs reveals evidence of active exploitation in customer-managed business cloud environments, particularly within Fortune 500 companies and cybersecurity vendors. This exploitation is targeting training applications utilized by said organizations. These are applications typically deployed for security demos and training, including OWASP Juice Shop, DVWA and Hackazon. The research discovered thousands of systems exposed, with several hosted on enterprise infrastructure using Azure, AWS and GCP cloud platforms.