FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist
Summary
Attackers have developed a Golang-based sniffer to exploit vulnerabilities in approximately 430,000 FortiGate firewalls. This ongoing campaign has successfully identified over 110 million credentials, highlighting a significant threat to network security.
IFF Assessment
FOE
The discovery of a new attack method that targets widely used firewalls and steals a large volume of credentials represents a direct threat to organizations and individuals.
Defender Context
This incident underscores the persistent threat of sophisticated attacks targeting network infrastructure like firewalls. Defenders should be vigilant about patching FortiGate devices and monitoring for signs of compromise, as credential theft can lead to further system breaches.