Info Risk Today – Prajeet Nair
Chinese threat actors are turning security appliances into penetration pathways, forcing firewall maker Fortinet to again attempt to fend off hackers with a patch.
A threat cluster related to UNC3886 also targeted a Fortinet zero-day in a campaign that involved delivery of a custom backdoor “specifically designed to run on FortiGate firewalls” (see: Fortinet VPN Flaw Shows Pitfalls of Security Appliances).
Thursday’s disclosure comes just days after Mandiant identified a suspected Chinese campaign targeting the SonicWall Secure Mobile Access appliance. The same group is also likely responsible for a campaign unmasked in September against VMware ESXi servers.
Link: https://www.inforisktoday.asia/chinese-hackers-targeting-security-network-appliances-a-21467