top of page

Configuration data for 15,000 compromised fortinet firewalls leaked on darkweb

Writer's picture: danielweisdanielweis

ICYMI last week, the belsen hacking group leaked configuration data (including plaintext creds) for 15,000 fortigate firewalls on the darkweb for free, that they had exploited using CVE-2022-40684 and CVE-2024-55591. 8,000 are still online according to censys, a writeup is here: https://www.cloudsek.com/blog/15k-fortigate-firewall-configs-leaked-by-belsen-group-dumped-using-zero-day-in-2022


If you want to check if you IP is affected, there is a pastebin here:



3 views0 comments

Recent Posts

See All

Comments


© 2024 Dan Weis

ā€‹

danweis.me

bottom of page