Maybe it was one file of 440GB?

"Fortinet has admitted that bad actors accessed cloud-hosted data about its customers, but insisted it was a "limited number" of files." https://www.theregister.com/2024/09/13/fortinet_data_loss/

Also: "Fortinet has had a bad run of things this year on the security front, including:"

Ahum. About 12 years ago, from https://www.kb.cert.org/vuls/id/111708
"Fortigate UTM appliances share the same default CA certificate
...
Acknowledgements
Thanks to Bitwiper for reporting this vulnerability."

An anon user posted the private key in https://security.nl/posting/322952, while I wrote some details in that page and (in Dutch) in, among other posts in that page, https://security.nl/posting/327277 .

Cybertruckloads of vulns since then (https://www.cvedetails.com/vulnerability-list/vendor_id-3080/Fortinet.html).

Fortinet is primarily a marketing company; they will never understand security.

#Fortinet #Fortigate #UTM #appliances #MitM #SSLMitM #TLSMitM #infosec