📘 Structured Guide to Configuring FortiClient Remote Access VPN on FortiGate Firewalls This guide delivers a clear step by step overview of how to configure an IPSec-based Remote Access VPN using FortiClient alongside FortiGate firewalls.

Interesting new Sandworm campaign shared by MTI Systems exploited by Sandworm were notable: • ConnectWise ScreenConnect (CVE-2024-1709) • Fortinet FortiClient EMS (CVE-2023-48788) Their change of targeting to the 🇺🇸 & 🇬🇧 is interesting too 👀

Lately, I've been fully immersed in a project as the primary engineer, managing FortiClient EMS, FortiClient, and FortiAnalyzer. I've gained valuable experience in deployment and recently achieved another certification, which has further boosted my skills. My focus now is on

Just published two new vulnerability write-ups: 💻FortiClient – Two-click RCE via code injection in the login window https://t.co/ga7YeSpfwj ⚠️FortiGuard – “Access Blocked” page XSS https://t.co/tHsBJLhIL2

Who actively monitors the Application Event Log for the Event ID 15457, containing the string xp_cmdshell? The screenshot below is from an Incident Response engagement this year from an exploited FortiClient EMS server (CVE-2023-48788). xp_cmdshell spawns a Windows command

Does anyone know the meaning of the hexadecimal value of the "installed" key in FortiClient VPN? HKEY_CURRENT_USER\SOFTWARE\Fortinet\FortiClient\FA_UI\VPN-7.4.3.1790 It's a value that increases version by version. Could it be a date?

BITLOCKER FORTICLIENT VPN SALESFORCE MONDAY DOT COM EXCEL AND MICROSOFT OFFICE ALL OF YOU GET IN THE VAN I CANNOT DO THIS EVERY DAY

Day 75💃 I worked on my FortiEMS and integrating it with my active directory. I added my AD server as the authenticated server, imported my domain users & computers. I also installed my FortiClient and deployed the agent. #100DaysOfCyberSecurity

We need to investigate whether #MasterWrapper can be used to create a #FortiClient installation like this. We need to look into how to check if the interface is up and prompt the user to log out. Then, close services and processes. Finally, install and reboot (prompting again).

🛡️ VULNERAN VPN DE FORTINET: UNA FALLA QUE EXPONE TUS REDES Y SISTEMAS Un grupo chino conocido como BrazenBamboo están explotando una nueva vulnerabilidad en el cliente VPN de Fortinet para Windows, FortiClient. Este fallo les permite robar nombres de usuario y contraseñas

Day 77💃 Again, today with my FortiEMS. I deployed my FortiClient agents, configured my SMTP server, sent invitations & set up security profiles. SMTP server didn't work out, so I ended up manually installing the client on my end points. I'll take the W😭 #100DaysOfCyberSecurity

Lol, @Fortinet doesn't seem to be aware of the change that's coming to the laptop space. A friend of mine got this reply... shows how unaware they are of @Snapdragon X Elite users needing their FortiClient... totally oblivious to what's coming /cc: @LinusTech @linusgsebastian

🗞️ Interlock Ransomware Gang Deploys ClickFix Attacks with Fake IT Tools to Breach Networks The Interlock ransomware gang is using ClickFix attacks, posing as IT tools like FortiClient and Palo Alto Networks, to trick users into running malicious PowerShell commands. Sekoia

Why @Fortinet, Why?!?! Coming soon? ....mayyyybe....pretty please..... #Fortinet #FortiClient

FortiClient: - ¿Desea usted permitir el acceso de lectura completa a su disco duro? Yo: - ¡Ya te dije anoche que NO!

But there are other samples that are properly signed using that cert. And not only with that "Ivanti-Secure-Access-Client.exe" filename, but "FortiClient.exe" and "Cisco-Secure-Client.exe" too. 🤔 Samples will be shared by @JAMESWT_MHT when he has time... (2/2)

Si tienen Forticlient, deberían informarse sobre BrazenBamboo. Un APT chino que está explotando 0 days en el cliente forticlient de Fortinent.

#FortiClient.app is impossible to uninstall. Using https://t.co/H14WAQFBn3 fails. removing as root fails. ChatGPT suggests complex commands to remove it. Fails. It's like a virus

🚨A Threat Actor Claims to be Selling a Tool to Evade EDR Solutions The threat actor alleges they are selling a malicious tool engineered to circumvent endpoint detection and response (EDR) solutions—including CrowdStrike, Sophos, SentinelOne, and FortiClient—by leveraging