Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

Tag: deeppost

2 attack reports | 0 vulnerabilities

Attack reports

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors, known as BrazenBamboo, are exploiting a zero-day vulnerability in Fortinet's FortiClient Windows VPN client to steal credentials. The hackers use a custom post-exploitation toolkit called DeepData, which includes a FortiClient plugin to extract usernames, passwords, and VPN s…

espionage
lightspy
zero-day
credential theft
vpn
post-exploitation
chinese hackers
2024-11-18
deeppost
deepdata
forticlient
Published: November 18, 2024

Downloadable IOCs 0

Weaponizing FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA

A Chinese state-affiliated threat actor, BrazenBamboo, has exploited a zero-day vulnerability in Fortinet's Windows VPN client to steal user credentials. The vulnerability allows extraction of login information from the FortiClient process memory. BrazenBamboo uses two malware families: DEEPDATA, a…

lightspy
zero-day
credential theft
vpn
post-exploitation
chinese threat actor
2024-11-16
deeppost
deepdata
forticlient
Published: November 16, 2024

Downloadable IOCs 0

» Click here to see all Attack Reports «