top of page

DW

Search

Configuration data for 15,000 compromised fortinet firewalls leaked on darkweb

danielweis
Jan 28, 2025
1 min read

ICYMI last week, the belsen hacking group leaked configuration data (including plaintext creds) for 15,000 fortigate firewalls on the darkweb for free, that they had exploited using CVE-2022-40684 and CVE-2024-55591. 8,000 are still online according to censys, a writeup is here: https://www.cloudsek.com/blog/15k-fortigate-firewall-configs-leaked-by-belsen-group-dumped-using-zero-day-in-2022

If you want to check if you IP is affected, there is a pastebin here:

https://pastebin.com/mffLfcLp

#hacking #darkweb #fotinet #exploit #exploitation #cyberattack #databreach #threatactors #danweis #nexon #hackproofyourself #boardroomcyber

Recent Posts

New Microsoft SIRT interesting read

An interesting read from Microsoft about a multi-stage campaign observed between April 14 and 16, 2026, targeting more than 35,000 users across 13,000 organisations in 26 countries. https://www.micros

Kali2026.1 Now Available

Kali2026.1 Now Available

Is Your Pentest Firm Drafting Your Next Breach Headline?

Is Your Pentest Firm Drafting Your Next Breach Headline?

Comments

bottom of page