A significant cybersecurity breach, dubbed 'FortiBleed,' has revealed admin passwords for approximately 75,000 Fortinet firewalls exposed on the internet. Security researcher Bob Diachenko discovered access to valid Fortinet VPN credentials, which included usernames and plaintext passwords. Kevin Beaumont confirmed the legitimacy of the dataset, indicating that nearly 50% of internet-facing Fortinet devices are affected.
The data, allegedly compiled by a Russian-speaking threat group, suggests systematic exploitation, with over a billion credential attempts recorded. The highlighted risk includes potential remote access to networks, necessitating immediate action from organizations to secure their devices.