<div dir="ltr"><div dir="auto"><div><p>(If you haven't heard of them, IFIN is a volunteer threat Intel sharing team, which I joined when it was created a few months ago)</p><p>Not clear how the Fortinet firewall configs got leaked, but until very recently, the password hashes were stored in the config with simple salted SHA256, which is easily cracked. If the passwords were strong, it's possible that org might not be on this list. I haven't seen the list yet. About 75,000 devices affected.</p><p><a href="https://discourse.ifin.network/t/fortibleed-tens-of-thousands-of-fortinet-credentials-leaked/597" target="_blank">https://discourse.ifin.network/t/fortibleed-tens-of-thousands-of-fortinet-credentials-leaked/597</a></p><p>And here's Kevin Beaumont on it.</p><p><a href="https://doublepulsar.com/fortibleed-75k-fortinet-firewalls-have-admin-passwords-cracked-60299faa65f8?postPublishedType=initial" target="_blank">https://doublepulsar.com/fortibleed-75k-fortinet-firewalls-have-admin-passwords-cracked-60299faa65f8?postPublishedType=initial</a></p><p>--</p></div><div data-smartmail="gmail_signature">Royce</div></div>
</div>