Threat Post

Thousands of Fortinet VPN Account Credentials Leaked

They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit. UPDATE: Subsequent reporting and disclosures ...
Hosted on MSN

Credential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others

A group of cybercriminals tracked as Storm-2561 is using fake enterprise VPN clients from CheckPoint, Cisco, Fortinet, Ivanti, and other vendors to steal users' credentials, according to Microsoft.… ...
Bleeping Computer

Fake enterprise VPN sites used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal VPN credentials from unsuspecting users. The attackers manipulate search ...
Bleeping Computer

Fortinet VPN design flaw hides successful brute-force attacks

A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of ...