Security News > 2024 > November > China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer
2024-11-19 23:02
No word on when or if the issue will be fixed Chinese government-linked snoops are exploiting a zero-day bug in Fortinet's Windows VPN client to steal credentials and other information, according to memory forensics outfit Volexity.…
News URL
https://go.theregister.com/feed/www.theregister.com/2024/11/19/china_brazenbamboo_fortinet_0day/
Related news
- Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (source)
- ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More (source)
- China-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware (source)
- New SuperBlack ransomware exploits Fortinet auth bypass flaws (source)
- ⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Surge and More (source)
- Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks (source)