Security News > 2024 > November > Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

2024-11-18 21:20

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. [...]

News URL

https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials/

#chinese #credential #exploit #fortinet #hacker #VPN #zeroday

Related news

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
Hackers exploit Roundcube webmail flaw to steal email, credentials (source)
Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials (source)
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign (source)
Iranian hackers now exploit Windows flaw to elevate privileges (source)
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Fortinet		169	57	405	185	81	728

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.