Friday , March 7 2025
Fortinet

Fortinet admits data breach after hacker claims to steal 440GB

infosecbulletin Friday , September 13 2024 Cyber Attack

Fortinet confirmed a data breach after a threat actor claimed to have stolen 440GB of files from its Microsoft SharePoint server.

Fortinet told two international media that, “An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which included limited data related to a small number of Fortinet customers, and we have communicated directly with customers as appropriate,”,

Sleeping Beauty
Researchers Bypassed CrowdStrike Falcon Sensor partially

By infosecbulletin / Friday , March 7 2025
SEC Consult researchers found a major vulnerability in CrowdStrike's Falcon Sensor, enabling attackers to evade detection and run malicious applications....
Read More
Sleeping Beauty Researchers Bypassed CrowdStrike Falcon Sensor partially

CVE-2025-22224
41,500+ VMware ESXi Instances Vulnerable to Attacks

By infosecbulletin / Thursday , March 6 2025
As of March 4, 2025, Shadowserver found that over 41,500 internet-exposed VMware ESXi hypervisors are vulnerable to the actively exploited...
Read More
CVE-2025-22224 41,500+ VMware ESXi Instances Vulnerable to Attacks

Register Now
AI Engineering Hackathon: Registration Open

By infosecbulletin / Wednesday , March 5 2025
On April 19, 2025 (Saturday), Brain Station 23 and Poridhi are jointly going to organize "AI ENGINEERING HACKATHON". The prize...
Read More
Register Now AI Engineering Hackathon: Registration Open

Cisco alerts about a Webex flaw that exposes credentials

By infosecbulletin / Wednesday , March 5 2025
Cisco has alerted customers about a vulnerability in Webex for BroadWorks that could allow unauthorized attackers to access credentials remotely....
Read More
Cisco alerts about a Webex flaw that exposes credentials

NVIDIA Issues Warning of Multiple Vulnerabilities

By infosecbulletin / Wednesday , March 5 2025
NVIDIA has released urgent security advisories for multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing platforms. A critical flaw...
Read More
NVIDIA Issues Warning of Multiple Vulnerabilities

Update Now
Chrome 134 Released, Fixes 14 Vulnerabilities

By infosecbulletin / Wednesday , March 5 2025
Google has released Chrome 134 for the stable channel on Windows, macOS, and Linux, effectively addressing 14 security vulnerabilities. Among...
Read More
Update Now Chrome 134 Released, Fixes 14 Vulnerabilities

Broadcom Patches 3 VMware Zero-Days Exploited In Attacks

By infosecbulletin / Tuesday , March 4 2025
Broadcom issued a security alert on Tuesday, warning VMware customers about 3 exploited zero-day vulnerabilities. Vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226...
Read More
Broadcom Patches 3 VMware Zero-Days Exploited In Attacks

Singapore issues new guidelines for data center and cloud services

By infosecbulletin / Tuesday , March 4 2025
The Infocomm Media Development Authority (IMDA of Singapore unveils advisory guidelines to reduce occurrences of disruptions to cloud services and...
Read More
Singapore issues new guidelines for data center and cloud services

Update Alert!
Google Warns of Critical Android Vulns Under Attack

By infosecbulletin / Tuesday , March 4 2025
Google’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities—CVE-2024-43093 and CVE-2024-50302—currently under limited, targeted exploitation. These flaws affect...
Read More
Update Alert! Google Warns of Critical Android Vulns Under Attack

CISA adds Cisco and Windows vulns as actively exploited

By infosecbulletin / Tuesday , March 4 2025
CISA has advised US federal agencies to secure their systems against attacks targeting vulnerabilities in Cisco and Windows. Although these...
Read More
CISA adds Cisco and Windows vulns as actively exploited
  Source: X

The threat actor, known as “Fortibitch,” claims to have tried to extort Fortinet into paying a ransom, likely to prevent the publishing of data, but the company refused to pay.

In response to questions about incident, Fortinet confirmed that customer data was stolen from a “third-party cloud-based shared file drive.”

Fortinet’s website later stated that less than 0.3% of its customers were affected by the incident, and there was no malicious activity targeting them.

The cybersecurity company confirmed that the incident did not involve data encryption, ransomware, or access to Fortinet’s network.

Cyberdaily.au said, “The incident reportedly affected customers within the Asia-Pacific region. Home Affairs confirmed it was aware of the incident but provided no further details.”

“The National Office of Cyber Security is aware of reports regarding a potential cyber incident impacting Fortinet and stands ready to assist, if required,” it said.

Check Also

Infostealer

HaveIBeenPwned Added 244 Million Passwords Stolen By Infostealers

A breach notification site has added millions of new passwords and email addresses obtained from …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin