Security News > 2024 > November > Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

2024-11-18 21:20

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. [...]

News URL

https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials/

#chinese #credential #exploit #fortinet #hacker #VPN #zeroday

Related news

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
Hackers leak configs and VPN credentials for 15,000 FortiGate devices (source)
APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign (source)
Chinese hackers breached T-Mobile's routers to scope out network (source)
Hackers exploit ProjectSend flaw to backdoor exposed servers (source)
VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise (source)
Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities (source)
Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Fortinet		77	17	332	293	84	726

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.