Bleeping Computer

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. The zero-day ...
Yahoo

Update now — Fortinet Windows VPN hacked to steal user data

Cybersecurity researchers has revealed that for months now, Fortinet’s Windows VPN client has been vulnerable to a flaw which allows threat actors to steal user credentials - and Chinese hackers have ...
Hosted on MSN

Fortinet VPNs under attack from potential zero-day - FortiSIEM security tools also at risk, so be on your guard

Someone has been trying to break into Fortinet VPN products GreyNoise believes this is in preparation of a zero-day exploit The researchers expect a CVE to be published within weeks Fortinet users are ...
techtimes

Fortinet VPN Hacked by China, Over 20,000 Affected Says Netherlands Government

According to the Dutch government, China's state hackers hacked the Fortinet VPN via an undisclosed vulnerability that was recently discovered. The massive hack affected 20,000 of Fortinet's VPN ...
Ars Technica

China state hackers infected 20,000 Fortinet VPNs, Dutch spy service says

Hackers working for the Chinese government gained access to more than 20,000 VPN appliances sold by Fortinet using a critical vulnerability that the company failed to disclose for two weeks after ...
Bleeping Computer

Fortinet VPN design flaw hides successful brute-force attacks

A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of ...
SDxCentral

Thousands of Fortinet firewalls face critical authentication flaw

Security researchers claimed more than 10,000 Fortinet firewalls are at risk from a legacy vulnerability affecting FortiGate SSL VPN. The vulnerability allows users to log in without being prompted ...