Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

19 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 19 most recent headlines Filtered view

Ongoing Campaign May Be Grabbing Legacy Passwords From Fortinet FortiGate DevicesCybercriminals are selling access to 75,000 Fortinet FortiGate devices with VPN and web management interfaces, and the admin credentials appear to be legitimate and recently harvested as part of a still-live campaign, security experts warned.

FortiBleed: Admin Passwords for 75,000 Fortinet Firewalls Are Out in the Wild. Half the Internet-Facing Fortinets on the Planet. Security researcher Bob Diachenko found a server sitting open on the internet containing what appeared to be valid Fortinet VPN credentials, including usernames, email addresses, and plaintext passwords for tens of thousands of organizations. He posted […]

Bank Info Security 1 year, 2 months ago

Iranian Hackers Breach Middle East Infrastructure

Fortinet Uncovers Long-Term Cyberespionage in RegionAn Iranian state-sponsored threat group conducted a years-long cyberespionage campaign targeting a Middle East critical infrastructure provider, with its operational technology network a key target. The attackers focused reconnaissance activity and credential theft on the OT network.

Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices. [...]