China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer

November 19, 2024 at 06:11PM

Chinese government-affiliated hackers are exploiting a zero-day vulnerability in Fortinet’s Windows VPN client to steal sensitive information, including credentials. Volexity identified the issue and reported it to Fortinet, which has yet to release a fix. The attackers use a tool called DeepData, capable of extensive data theft.

### Meeting Takeaways …

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

November 18, 2024 at 05:48PM

Chinese hackers “BrazenBamboo” exploit a zero-day vulnerability in Fortinet’s FortiClient VPN using a tool called ‘DeepData’ to extract user credentials. Discovered by Volexity in July 2024, the flaw has not been patched, risking corporate networks. VPN access should be restricted until Fortinet releases a fix.

### Meeting Takeaways

1. **Zero-Day …

Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report

November 18, 2024 at 07:19AM

DeepData malware, developed by the China-linked APT41 (BrazenBamboo), exploits a zero-day vulnerability in Fortinet’s Windows VPN to steal credentials. It uses plugins for data surveillance and has similarities with the LightSpy malware. Volexity reports its capabilities and infrastructure, revealing significant operational resources behind these attacks.

**Meeting Takeaways:**

1. **DeepData Malware …