A significant cyber attack targeting over 30,000 Fortinet devices across nearly 200 countries has been uncovered. Researchers from SOCRadar discovered the operation, believed to be orchestrated by Russian-speaking threat actors, through an exposed server. The attackers compiled verified credentials for these devices, exploiting security weaknesses in network infrastructures. The compromised devices span various sectors including government, telecommunications, healthcare, and finance.
SOCRadar emphasizes the critical nature of this threat, urging affected organizations to take immediate action, such as rotating credentials and enabling multi-factor authentication. The operation showcases the dangers of credential reuse and poor password hygiene, indicating the necessity for stronger security measures.