Details from more than 15,000 devices exposed
If you use Fortinet, Computing.co.uk has information that you need to know:
Hackers calling themselves Belsen Group have leaked details of users of Fortinet firewalls on the dark web.
Researcher Kevin Beaumont, who has reviewed the data dump, says he believes it to be genuine, since devices in the published data are listed on the Shodan search engine and share the same unique serial numbers.
A list of 15,474 IP addresses associated with the leak has been published on GitHub by researcher Amram Englander, who advises affected organisations to check their patch history for CVE-2022-40684, a 2022 zero-day vulnerability in Fortinet affecting FortiOS, FortiProxy and FortiSwitchManager that was known to have been actively exploited. They should also change their device credentials and assess the exposure of firewall rules and mitigate risks, Englander says in a post on LinkedIn.
Read more at Computing.co.uk.