The Hacker News

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication in specific LDAP setups.
Ars Technica

Linux VPN and 2 Factor Authentication

We need 2-factor authentication on our VPN servers. We used Duo for 2-factor on our apps. We have a lot of Linux users. Several leading VPN providers do not integrate with Linux (e.g. VPN secure does ...

Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass

Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor ...