Some of the compromised IP addresses were posted to Github so users can check to see if their VPNs were affected. The network security vendor said the credentials were stolen from systems that remain unpatched against a two-year-old vulnerability – CVE-2018-13379 – or from users who patched that vulnerability but failed to change passwords.įortinet said it’s warned customers several times to update affected devices and reset passwords – and the vulnerability was even recently named one of the most exploited by the FBI and CISA. In the latest lesson about the importance of patching, the credentials for 87,000 Fortinet FortiGate VPNs have been posted on a dark web forum by hackers.įortinet confirmed the veracity of the hackers’ claims in a blog post today.
0 Comments
Leave a Reply. |