Fortinet Technical Tips
- von nweckelDescription This article describes an issue regarding packet loss on traffic after setting the traffic shaper on FortiGate 9xG and 12xG Scope FortiGate-9xG and 12xG Solution When the traffic shaping […]
- von fwilliamsDescription This article explains what takes place when NMAP (Network Mapper) scan is performed against a FortiGate with captive portal configured/deployed. Scope FortiOS Solution NMAP (Network Mapper) is a network […]
- von hpenmetsaDescription This article describes that when Firewall policies are in a flow-based inspection, the FortiGuard block page does not display. Scope FortiGate, FortiOS v7.0.x version. Solution The FortiGate devices running […]
- Technical Tip: Not possible to access Zoom, even if port 443 and 80 are allowed with the open policyvon VinayHMDescription This article describes how to fix the issue when the application Zoom is not working even though ports 443 and 80 are allowed with the open policy Scope FortiGate. Solution […]
- von acardonaDescription This article describes how to correct the issue when the FortiGate shows the error:'-333' via CLI when trying to provision the mobile token. Scope FortiGate. Solution When trying to […]
- von jclarDescription This article describes how to troubleshoot when logical SN or vSN does not appear on FortiGate A-P HA cluster GUI or CLI. Scope FortiGate v7.2.9, v7.4.6, v7.6.1 and later. […]
- von TedDescription This article describes how to create a large test file in Windows using 'fsutil'. Scope FortiGate. Solution Open the command prompt in Windows. Run fsutil file createnew Example: […]
- von AnthonyHDescription This article describes a known issue when trying to import FortiGate Cloud Logs labelled with the extension type 'log.gz' where the error 'Invalid Log File' or 'Internal Error' causes […]
- von nwynnDescription This article describes the FortiOS route refresh logic that applies when you have BGP neighbors with ecmp routes, and one neighbor flaps. Causing all ecmp routes to refresh. Scope […]
- von dferiadelgadoDescription This article describes how to locate logs that detail the creation of a system administrator user, including information on who acted. Scope FortiGate. Solution Details about who created a […]
Fortinet Firmware Updates
- FortiADCManager 7.6.0 B0087 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiNDR 7.4.7 B0544 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiAP-W2 7.2.5 B0386 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiPortal 7.4.4 B2110 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiAP 7.2.6 B0424 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiSwitchManager 7.0.5 B0047 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiWeb 7.6.3 B1043 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiIsolator 2.4.7 B1120 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiADC 7.4.7 B0387 and release notes are available for download from the Support site : https://support.fortinet.com
- FortiSIEM 7.3.1 B0369 and release notes are available for download from the Support site : https://support.fortinet.com
Fortinet Thread Blog
- FortiGuard Labs analyzes malicious software packages detected from November 2024 to the present and has identified various techniques used to exploit system vulnerabilities. Learn more.
- ForitGuard Lab reveals a modified Havoc deployed by a ClickFix phishing campaign. The threat actor hides each stage behind SharePoint and also uses it as a C2. Learn more.
- FortiGuard Labs uncovers an attack targeting companies in Taiwan with WinOS4.0 that spreads via official email impersonation. Learn more.
- Explore how FortiSandbox 5.0 detected this malware, the behavioral indicators it leveraged for identification, and Snake Keylogger's technique to evade detection and analysis.
- Get insights into the Lynx ransomware, which is considered the successor to the INC ransomware. This double-extortion ransomware has threatened more than 90 organizations worldwide, including those in the healthcare […]
- FortiGuard Labs reverse engineers a malware’s binaries to look into what the malware is actually doing.
- FortiGuard Labs observes a threat actor using a LNK file to deploy Coyote attacks, unleashing malicious payloads and escalating the risk to financial cybersecurity.
- An in-depth analysis of how a remote attacker deployed a rootkit and a user-space binary file by executing a shell script.
- An example of a recent phishing attempt and how to spot the obvious phishing tell-tales.
- Get detailed tactics associated with EC2 Grouper and how Lacework FortiCNAPP can be leveraged to detect this threat.
Cert Bund News
- Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Veeam Backup & Replication ausnutzen, um beliebigen Programmcode auszuführen.
- Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in xwiki ausnutzen, um Informationen preiszugeben und erhöhte Rechte zu erlangen.
- Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Liferay DXP und Liferay Portal ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
- Ein entfernter, anonymer Angreifer kann eine Schwachstelle in ESRI ArcGIS Portal ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
- Ein entfernter Angreifer kann eine Schwachstelle im Gemini Cloud Assist der Google Cloud Platform ausnutzen, um den Benutzer zu täuschen.
- Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Security ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
- Ein lokaler Angreifer kann eine Schwachstelle in IBM InfoSphere Information Server ausnutzen, um seine Privilegien zu erhöhen.
- Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Drupal und mehreren Erweiterungen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuführen.
- Ein entfernter, anonymer Angreifer kann eine Schwachstelle in GnuPG ausnutzen, um einen Denial of Service Angriff durchzuführen.
- Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in ffmpeg ausnutzen, um einen Denial of Service Angriff durchzuführen, vertrauliche Informationen offenzulegen oder beliebigen Code auszuführen.
Microsoft Exchange Team Blog
RSS-Fehler: A feed could not be found at `https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=6850040437866647932&board=Exchange&size=25`; the status code is `404` and content-type is `text/html;charset=UTF-8`
MSXFAQ Newsfeed
- 12. Mrz 25 EXO EWS 2025/2026 – Allgemeine Impersonation-Rechte funktionieren nicht mehr. Anpassung erforderlich
- 10. Mrz 25 AD Change Detection – So können Sie Änderungen an AD-Objekten überwachen
- 09. Mrz 25 New Outlook mit Werbung – Ohne Werbung nur noch mit Lizenz
- 07. Mrz 25 Graph mit Shared Mailbox – Wer kann wann auf ein gemeinsames Postfach mittels Graph zugreifen?
- 06. Mrz 25 Dynamische Verteiler und Exchange Hybrid – MC1024399 Neue Obergrenze bei 3000 Gruppen
- 04. Mrz 25 TERRL – Tenant External Recipient Rate Limit – Einführung wurde auf April verschoben
- 04. Mrz 25 Aktuelle Events und Veranstaltungen – Sprecher auf der Commsverse – Die Microsoft Teams Konferenz, London (18-19. Juni 2025) bestätigt.
- 03. Mrz 25 Sprachprofil in Teams – Wenn Sie Teams ein Sprach- und Bildbeispiel geben, werden sie auch in Räumen erkannt
- 28. Feb 25 Port Bounce, NAC, NPS und CoA – Wie kann ein per 802.1x authentifizierter Client eine neue Richtlinie bekommen?
- 26. Feb 25 AutoReply – Automatische Antworten auf Mails per Regel, OOF, Bot, Skript und Risiken