Fortinet

Blog
digitpatrox3 days ago
14

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client that steal credentials. The zero-day allows the threat actors to dump the credentials from memory after the user authenticated with the VPN device Volexity researchers report that they discovered this flaw earlier this summer and reported it to Fortinet, but…
Read More »
Blog
digitpatrox4 weeks ago
42

Fortinet warns of new critical FortiManager flaw used in zero-day attacks

Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices. The company privately warned FortiManager customers about the flaw starting October 13th in advanced notification emails seen by BleepingComputer that contained steps to mitigate the flaw until a security update was…
Read More »
Blog
digitpatroxOctober 10, 2024
51

CISA says critical Fortinet RCE flaw now exploited in attacks

Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild. The flaw (CVE-2024-23113) is caused by the fgfmd daemon accepting an externally controlled format string as an argument, which can let unauthenticated threat actors execute commands or arbitrary code on unpatched devices in low-complexity attacks that don’t require user interaction. As Fortinet…
Read More »
Blog
digitpatroxSeptember 13, 2024
76

Everything you need to know about the Fortinet data breach

A Ukrainian-linked threat group has leaked 440 GB of data belonging to Fortinet on a popular hacking forum after ransom negotiations broke down. On 12 September, a group operating under the provocative name ‘Fortibitch’, leaked the data cache believed to have been exfiltrated from the company’s Microsoft Azure Sharepoint server. The group released credentials to an S3 storage bucket on…
Read More »

Fortinet

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Fortinet warns of new critical FortiManager flaw used in zero-day attacks

CISA says critical Fortinet RCE flaw now exploited in attacks

Everything you need to know about the Fortinet data breach

Is the time right for asynchronous collaboration?

How AI Drives Supply Chain Automation for Retailers Worldwide

Microsoft will finally let you stream Xbox games you already own via Game Pass — here’s what you can play right now

Learn a New Language in Record Time With Babbel. Now at $140

Roborock’s pet-ready Q5 Pro robot vacuum is on sale for under $200

Joker 2 Review: An Off-Key Musical Disaster

Snowflake and Anthropic partner up on agentic AI, model sharing

AI agents are coming to work — here’s what businesses need to know – Computerworld

YouTube Music Is Already Rolling Out Its Version of Spotify Wrapped

Texas Board of Physical Therapy Examiners breached, SSNs and other info compromised

US citizen charged with aiding North Korean hackers moonlighting as tech workers

Indiana Jones The Great Circle Is Here with a Release Date and a PS5 Launch