Security News > 2024 > November > Chinese hackers exploit Fortinet VPN zero-day to steal credentials

2024-11-18 21:20
Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. [...]
News URL
Related news
- Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks (source)
- Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (source)
- ⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- New SuperBlack ransomware exploits Fortinet auth bypass flaws (source)
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
- Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners (source)