Security News > 2024 > November > Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

2024-11-18 21:20

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. [...]

News URL

https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials/

#chinese #credential #exploit #fortinet #hacker #VPN #zeroday

Related news

China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer (source)
Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials (source)
Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
Hackers exploit critical bug in Array Networks SSL VPN products (source)
U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland (source)
US says Chinese hackers breached multiple telecom providers (source)
Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services (source)
Hackers steal 15,000 cloud credentials from exposed Git config files (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Fortinet		77	15	314	277	81	687

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.