Attackers cracked 75,000 Fortinet firewalls with old passwords, not a zero-day
Back to Home
security

Attackers cracked 75,000 Fortinet firewalls with old passwords, not a zero-day

June 18, 202639 views2 min read

Attackers exploited old passwords to breach 75,000 Fortinet firewalls, not a zero-day exploit, according to security researchers.

Security researchers have discovered a massive breach involving Fortinet firewalls, revealing that attackers exploited old, weak passwords rather than a zero-day vulnerability. The compromised data, named FortiBleed, includes plaintext credentials for 73,932 unique Fortinet FortiGate firewall and VPN devices across 194 countries, affecting over 21,000 domains.

Weak Passwords, Not Zero-Days, Are to Blame

The breach, uncovered by security experts, highlights a critical flaw in cybersecurity practices: the continued use of outdated and easily guessable passwords. According to researchers, the attackers did not rely on a sophisticated zero-day exploit, but instead leveraged stolen credentials that had been previously compromised and reused across multiple organizations. These credentials were likely obtained through phishing campaigns, data breaches, or credential stuffing attacks, which underscores the importance of robust password policies and multi-factor authentication (MFA).

Global Impact and Recommendations

The scale of the FortiBleed leak is alarming, with organizations across various sectors, including government, healthcare, and finance, potentially exposed. The dataset's availability on dark web marketplaces has prompted urgent calls for immediate action from IT security teams worldwide. Organizations using Fortinet devices are advised to review and rotate all passwords, enforce MFA, and audit their network configurations to prevent unauthorized access. Security firms are also urging companies to adopt zero-trust network models to reduce the risk of lateral movement within compromised networks.

Conclusion

This incident serves as a stark reminder that many cyberattacks succeed not through advanced exploits, but through basic human and system failures. As organizations continue to rely on legacy systems and weak authentication practices, the threat landscape remains ripe for exploitation. Fortinet and its users must prioritize proactive security measures to protect against future breaches.

Source: TNW Neural

Related Articles