

Fortinet FortiGate firewalls and VPN appliances with internet-exposed management interfaces across all sectors globally.
Large-scale automated credential abuse campaign targeting Fortinet devices using leaked, reused, or default credentials.
Active and ongoing campaign; tens of thousands of devices already compromised across hundreds of countries.
Internet-exposed Fortinet management interfaces susceptible to automated credential stuffing at scale.
Weak, reused, or default credentials without MFA; older password hashing standards (non-PBKDF2) in FortiOS.
Actors scan for exposed interfaces, authenticate with verified credentials, gaining full legitimate administrative access.
Attackers intercept traffic, harvest credentials, extract firewall rules and VPN configs, and maintain long-term persistence.
Tens of thousands of devices compromised globally, including at Samsung, Oracle, and Siemens; classified NATO documents allegedly stolen.
Restrict management interface exposure, upgrade FortiOS, enforce MFA on all admin and external gateway interfaces immediately.
Treat any suspicious admin login as full compromise; consider device replacement in severe cases; monitor credential databases proactively.
HackRead – FortiBleed attack on Fortinet firewalls via credentials. Hudson Rock – FortiBleed 75,000 Fortinet firewalls compromised. Hudson Rock – Fortinet lookup portal.
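
One way to act on the guidance to treat any suspicious admin login as full compromise, as an added example that is not part of the original advisory: it flags successful administrator logins whose source address lies outside an allowlist of management networks. The log lines are constructed samples in a FortiOS-style key=value layout; the field names (`action`, `status`, `srcip`, `user`) and the `MGMT_NETS` ranges are assumptions to adapt to your own log export.

```python
import ipaddress
import re
from collections import Counter

# Assumption: networks your administrators are expected to log in from.
MGMT_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/24", "192.168.50.0/24")]

# Constructed sample in FortiOS-style key=value event format (not real log data).
SAMPLE_LOGS = '''\
date=2025-01-10 time=02:10:01 type="event" subtype="system" logdesc="Admin login successful" user="admin" ui="https(10.20.0.15)" srcip=10.20.0.15 action="login" status="success"
date=2025-01-10 time=03:12:40 type="event" subtype="system" logdesc="Admin login failed" user="admin" ui="https(198.51.100.7)" srcip=198.51.100.7 action="login" status="failed"
date=2025-01-10 time=03:12:44 type="event" subtype="system" logdesc="Admin login successful" user="netops" ui="https(203.0.113.45)" srcip=203.0.113.45 action="login" status="success"
date=2025-01-10 time=03:13:02 type="event" subtype="system" logdesc="Admin login failed" user="root" ui="ssh(198.51.100.7)" srcip=198.51.100.7 action="login" status="failed"
date=2025-01-10 time=03:13:09 type="event" subtype="system" logdesc="Admin login successful" user="admin" ui="ssh(198.51.100.7)" srcip=198.51.100.7 action="login" status="success"
'''

KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_line(line):
    """Turn one key=value log line into a dict, unquoting quoted values."""
    return {k: q if q else bare for k, q, bare in KV.findall(line)}

def in_mgmt(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in MGMT_NETS)

def suspicious_admin_logins(text):
    """Return successful admin logins whose source is outside MGMT_NETS."""
    failures, findings = Counter(), []
    for line in text.splitlines():
        ev = parse_line(line)
        if ev.get("action") != "login" or "srcip" not in ev:
            continue
        if ev.get("status") == "failed":
            failures[ev["srcip"]] += 1
        elif ev.get("status") == "success" and not in_mgmt(ev["srcip"]):
            # Valid stolen credentials succeed on the first try, so zero
            # prior failures is not evidence of a benign login.
            findings.append({"time": f'{ev["date"]} {ev["time"]}', "user": ev["user"],
                             "srcip": ev["srcip"], "prior_failures": failures[ev["srcip"]]})
    return findings

if __name__ == "__main__":
    for f in suspicious_admin_logins(SAMPLE_LOGS):
        print(f)
```

Each finding is a starting point for the compromise review the advisory calls for, not a verdict on its own.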