Fortinet Under Siege: Brute-Force Blitz Targets VPNs in Multi-Nation Cyber Comedy of Errors
Fortinet SSL VPN devices are under siege from a “significant spike” in brute-force traffic. Researchers detected over 780 IP addresses in the attack, with the IPs hailing from the US, Canada, Russia, and the Netherlands. It’s a targeted effort, not just bad luck, suggesting attackers are honing in on Fortinet’s prized tech.
Hot Take:
Looks like cybercriminals are having a VPN-demic, with Fortinet SSL VPNs being the latest victims of their digital germ warfare. With 780 IP addresses taking a joyride through Fortinet’s firewall, it’s like the hackers are playing a high-stakes game of ‘Whack-a-Mole’ – and Fortinet’s security is the mole. Better grab some popcorn, because this cyber-saga is unfolding faster than a teenager’s FOMO-fueled Instagram feed.
Key Points:
- Cybersecurity firm GreyNoise detected over 780 unique IP addresses involved in brute-forcing Fortinet SSL VPN devices.
- 56 malicious IPs were identified in the last 24 hours, hailing from countries like the US, Canada, Russia, and the Netherlands.
- The attacks were not random but targeted Fortinet’s SSL VPNs with precise focus.
- Two waves of attacks were observed, with a notable shift in targeted service from FortiOS to FortiManager.
- Historical data hints at possible testing or originating of brute-force tools from a residential ISP block.
Already a member? Log in here