Security News > 2024 > November > Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
2024-11-16 06:25
A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July 2024, describing BrazenBamboo as the developer behind DEEPDATA,
News URL
https://thehackernews.com/2024/11/warning-deepdata-malware-exploiting.html
Related news
- Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks (source)
- Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (source)
- Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware (source)
- Data-stealing Chrome extensions impersonate Fortinet, YouTube, VPNs (source)