The FortiBleed credential theft campaign appears to have a direct connection to the Lynx and INC ransomware operations, according to new research from SOCRadar. Investigators believe the attackers collected thousands of Fortinet credentials to support future ransomware attacks and network intrusions.

Investigation Reveals Links to Ransomware Operations

Security researchers previously uncovered an internet-exposed server containing…
The FortiBleed campaign used a custom-built credential sniffer to steal login information directly from compromised FortiGate devices, according to new research. Investigators say the malware allowed attackers to capture usernames and passwords as they passed through affected systems, helping the operation gather credentials on a massive scale. The discovery sheds new light on how the…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged organizations to secure their Fortinet devices after researchers uncovered a massive credential exposure known as FortiBleed. The leak contains credentials linked to nearly 74,000 Fortinet firewalls and VPN gateways worldwide, creating a significant risk for both government agencies and private-sector organizations. CISA issued the warning…