A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical information to other cybercriminals.
Oh shit… Yesterday at work we had a stop what you are doing and update that device moment. Hopefully my works VPN isn’t in that list…
Check your ip against this list.
https://github.com/arsolutioner/fortigate-belsen-leak/blob/main/affected_ips.txt
If your IP is on the list roll every single secret on the device.
LDAP/radius/tacacs secrets, SNMP communities, IPsec keys, local and admin accounts.
thanks friend!
Someone has GitHubed the list of addresses
https://github.com/arsolutioner/fortigate-belsen-leak/blob/main/affected_ips.txt
