InfoSecBulletin Cybersecurity for mankind
Fortinet confirmed a data breach after a threat actor claimed to have stolen 440GB of files from its Microsoft SharePoint server.
Fortinet told two international media that, “An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which included limited data related to a small number of Fortinet customers, and we have communicated directly with customers as appropriate,”,
Chrome 129 Released Fix with multiple Security Flaws
Broadcom fixed RCE bug in VMware vCenter Server
Cybercriminal now misuse Microsoft Azure tool to steal data
Apple warns users to install iOS 18 to Fix 33 iPhone Vulnerabilities
CISA adds windows and whatsUp Gold vuls to its KEV
Petroleum and Fuel Industry
FleetPanda exposes Nearly One Million Documents
DESCO faces cyber attack: Customers Data Breach
Alert! Google Fixes GCP Composer Flaw
CTF in Bangladesh: Unveiling Challenges, Opportunities and remedies
Bitdefender blog post
Medusa target Fortinet flaw (CVE-2023-48788) for Ransomware Attacks
The threat actor, known as “Fortibitch,” claims to have tried to extort Fortinet into paying a ransom, likely to prevent the publishing of data, but the company refused to pay.
In response to questions about incident, Fortinet confirmed that customer data was stolen from a “third-party cloud-based shared file drive.”
Fortinet’s website later stated that less than 0.3% of its customers were affected by the incident, and there was no malicious activity targeting them.
The cybersecurity company confirmed that the incident did not involve data encryption, ransomware, or access to Fortinet’s network.
Cyberdaily.au said, “The incident reportedly affected customers within the Asia-Pacific region. Home Affairs confirmed it was aware of the incident but provided no further details.”
“The National Office of Cyber Security is aware of reports regarding a potential cyber incident impacting Fortinet and stands ready to assist, if required,” it said.
