CISA warns Fortinet FortiGate users after FortiBleed credentials leak

AI-Generated Summary

2 sources

18 hours ago

1 views

CISA warns Fortinet FortiGate users after FortiBleed credentials leak

Photo: The Hacker News

Key Points

CISA issues guidance to Fortinet customers to secure FortiGate firewall and VPN devices after the FortiBleed incident.
The FortiBleed leak exposes firewall and VPN credentials used for access.
The activity involves internet-accessible FortiGate appliances and is associated with ongoing malicious attempts.
Reports cite tens of thousands of affected credentials and thousands of potentially impacted devices.
The campaign is described as linked to Russian-speaking threat actors.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning Fortinet customers to secure FortiGate devices after a data leak known as “FortiBleed.” According to CISA, credentials associated with Fortinet firewall and VPN systems have been exposed, with reporting citing tens of thousands of affected credentials and a large number of potentially impacted internet-accessible devices.

Multiple outlets describe the issue as involving FortiGate appliances accessible from the internet and note that attackers are attempting to use the exposed access information for malicious activity. CISA’s guidance focuses on actions Fortinet users can take to reduce risk, including reviewing and securing configurations and applying appropriate remediation steps.

One report references an observed scale of exposure, citing a figure of 74,000 credentials exposed, while another cites a higher number of internet-facing devices (86,644) associated with the FortiBleed activity. Both accounts characterize the activity as an ongoing campaign and cite attribution to Russian-speaking threat actors, though specific individuals or groups are not named in the provided excerpts.

How Outlets Covered This Story

THE

The Hacker News

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices. The sweeping campaign, believed to be the work of Russian-speaking threat actors, has been codenamed FortiBleed. The number of compromised devices stands at

17 hours ago

BLE

Bleeping Computer

CISA warns Fortinet users to secure devices after FortiBleed leak

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged Fortinet customers to secure their devices after nearly 74,000 firewall and VPN credentials were exposed in a data leak dubbed "FortiBleed." [...]

1 day ago

We use cookies

This website uses cookies in order to enhance the overall user experience.

Take a look at our Cookies Policy for more information.

CISA warns Fortinet FortiGate users after FortiBleed credentials leak

TechRadar publishes daily Quordle hints and answers for multiple dates and game numbers

NYT Strands hints and answers articles compile daily clues for multiple puzzle games

NYT Connections hints and answers published for multiple puzzle dates