Many of us have used VPN's before, right? At some point, we've seen so many privacy breaches on the open internet and decided to get the 100% secure virtual private network...but are they really secure? Conducting adequate research into a prospective VPN service is necessary to decide if it is the right one for you, because, unfortunately, not all VPNs are created equal.
In this case, Fortinet, a fairly well utilized VPN service with a large user database, was hacked and over 200,000 user credentials were released due to Fortinet using a default SSL certificate. Any security setting as default is generally not secure, but a VPN? Default SSL certificate? That is mind boggling. However, this was not the only incident Fortinet has run into. While this certificate hack was in September 2020, just 2 months afterwards, a hacker going by the name of "pumpedkicks" has shared a list of nearly 50,000 Fortinet IP addresses vulnerable to a certain SSL exploit...again! Some of these addresses even include banks, governments, and financials administrations.
Now, this is not a review of Fortinet VPN, merely a statement of their most recent vulnerabilities, but this should encourage us all to research into prospective VPN's before we use their service. After all, we are entrusting them with a direct connection to our network and data; shouldn't we be able to trust them with that process?