BrazenBamboo exploits an unpatched FortiClient flaw to steal VPN credentials using DEEPDATA malware. Fortinet users advised to stay alert.
Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet ...
A design flaw in the Fortinet VPN server's logging mechanism ... a full login with either a script or a VPN client would create a log,” Pentera security researcher Peter Viernik told ...
Cybersecurity researchers has revealed that for months now, Fortinet’s Windows VPN client has been vulnerable to a flaw which ...
The DeepData malware framework was seen exploiting a Fortinet VPN client for Windows zero-day that remains unpatched.
Cybersecurity researchers at Volexity recently reported that a Chinese state-affiliated threat actor exploited an unpatched zero-day vulnerability in ...
Fortinet’s Windows VPN client has been vulnerable to a flaw which allows threat actors to steal user credentials - and Chinese hackers have reportedly now started exploiting the bug and stealing ...
The Register on MSN4d
China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealerNo word on when or if the issue will be fixed Chinese government-linked snoops are exploiting a zero-day bug in Fortinet's ...
The Register on MSN9d
Fortinet patches VPN app flaw that could give rogue users, malware a privilege boostPlus a bonus hard-coded local API key A now-patched, high-severity bug in Fortinet's FortiClient VPN application potentially ...
Fortinet also warns that attackers can take over SSL VPN sessions by phishing SAML authentication links in FortiOS without prior login (CVE-2023-50176, CVSS 7.1, high). FortiOS 7.4.4, 7.2.8 and 7. ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback