A zero-day vulnerability in Fortinet's Windows VPN client, FortiClient, was discovered by Volexity, allowing user credentials to remain in process memory after authentication. This vulnerability was exploited by BrazenBamboo, a Chinese state-affiliated threat actor, using a pl...
A zero-day vulnerability in Fortinet's Windows VPN client, FortiClient, was discovered by Volexity, allowing user credentials to remain in process memory after authentication. This vulnerability was exploited by BrazenBamboo, a Chinese state-affiliated threat actor, using a pl...
Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/brazenbamboo-weaponizes-forticlient-vulnerability-to-steal-credentials