A recent surge in targeted brute-force attacks on Fortinet SSL VPNs and FortiManager systems indicates a potential prelude to discovering new vulnerabilities. Experts warn that such activity often precedes zero-day disclosures, urging organizations to bolster their defenses. #FortinetSSLVPN #FortiManager #GreyNoise
Keypoints
- Massive brute-force attacks on Fortinet products were detected in early August by GreyNoise.
- The attacks shifted focus from SSL VPNs to FortiManager systems within days.
- spikes in such activity often predict upcoming vulnerability disclosures by the vendor.
- Attacker IP addresses should be blocked, and access should be restricted to trusted sources.
- Organizations are advised to enhance login security and monitor for signs of adaptive testing.