Here's a juicy read about messing with Fortinet FortiGate firewalls: https://arcticwolf.com/resources/blog/console-chaos-targets-fortinet-fortigate-firewalls/
The article talks a lot about detection and forensics, but I'm itching for more details or insight into exploit paths.
The article mentions attackers scanning for HTTPS ports, which probably means some admins are leaving their webadmin exposed to the internet. Honestly, I’m pretty sure there's either a sweet authentication bypass or some tasty injection flaw lurking in their admin panels.
=> More informations about this toot | More toots from clathetic@infosec.exchange
text/geminiThis content has been proxied by September (3851b).