Security News > 2024 > November > Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
2024-11-16 06:25
A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July 2024, describing BrazenBamboo as the developer behind DEEPDATA,
News URL
https://thehackernews.com/2024/11/warning-deepdata-malware-exploiting.html
Related news
- Hackers leak configs and VPN credentials for 15,000 FortiGate devices (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- Stealthy 'Magic Packet' malware targets Juniper VPN gateways (source)
- North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials (source)