CISA Alerts Fortinet Users to 'FortiBleed' Credential Harvesting Threat

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to Fortinet customers regarding an ongoing credential harvesting campaign, dubbed 'FortiBleed.' This campaign targets thousands of internet-accessible FortiGate devices, with threat actors reusing previously compromised credentials and employing brute-force techniques against systems with weak password hygiene and lacking multi-factor authentication. CISA and Fortinet recommend immediate actions, including terminating active sessions, resetting passwords, enforcing strong password policies, and implementing MFA, to mitigate the risk.