Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Passwords Exposed For Almost 50,000 Vulnerable Fortinet VPNs

Passwords Exposed For Almost 50,000 Vulnerable Fortinet VPNs

A hacker has now leaked the credentials for almost 50,000 vulnerable Fortinet VPNs.

Over the weekend a hacker had posted a list of one-line exploits for CVE-2018-13379 to steal VPN credentials from these devices, as reported by BleepingComputer.

Present on the list of vulnerable targets are IPs belonging to high street banks, telecoms, and government organizations from around the world.

Leaked files expose usernames, passwords, unmasked IPs

The exploitation of critical FortiOS vulnerability CVE-2018-13379 lets an attacker access the sensitive “sslvpn_websession” files from Fortinet VPNs.

These files contain session-related information, but most importantly, may reveal plain text usernames and passwords of Fortinet VPN users.

Today, threat intelligence analyst Bank_Security has found another thread on the hacker forum where a threat actor shared a data dump containing “sslvpn_websession” files for every IP that had been on the list.

As observed by BleepingComputer, these files reveal usernames, passwords, access levels (e.g. “full-access”), and the original unmasked IP addresses of users connected to the VPNs.

Hacker leaks sslvpn_websession files containing credentials from almost 50,000 Fortinet VPNs
Source: Twitter

The new data set posted on the forum is merely a 36 MB RAR archive, but when decompressed, expands over 7 GB, at the time of our testing.

Also Read: Key PDPA Amendments 2019/2020 You Should Know

The exposure of passwords in these files means, even if the vulnerable Fortinet VPNs are later patched, these credentials could be reused by anyone with access to the dump in credential stuffing attacks, or to potentially regain access to these VPNs.

Leaked folder structure with a separate list of vulnerable Fortinet devices in Pakistan
Source: BleepingComputer

While the threat actor’s motivations for this second, expansive leak aren’t clear, BleepingComputer did notice, the newly leaked archive has lists marked pak separating out Pakistan-based VPN IPs and corresponding “sslvpn_websession” files from the large 49,000+ VPN data set.

Additionally enclosed is an image file titled, “f**k israel.jpg” which is a “Yes we can” Adolf Hitler poster created in the style of Obama’s 2008 presidential campaign poster.

To make matters worse, the credential dump is being reposted on other forums and chats.

Fortinet repeatedly tried to warn customers

This week Fortinet told BleepingComputer, ever since the public disclosure of the critical Path Traversal vulnerability (CVE-2018-13379) last year, the company had repeatedly alerted its customers, encouraging them to patch the vulnerable FortiOS instances.

“The security of our customers is our first priority.  In May 2019 Fortinet issued a PSIRT advisory regarding an SSL vulnerability that was resolved, and have also communicated directly with customers and again via corporate blog posts in August 2019 and July 2020 strongly recommending an upgrade,” a Fortinet spokesperson told BleepingComputer.

Despite these measures, the critical bug has been extensively exploited in the wild due to a lack of patching.

The same flaw was leveraged by attackers to break into US government elections support systems, as reported by BleepingComputer.

Earlier this year, nation-state threat actors had weaponized the vulnerability to compromise networks and deploy ransomware.

“In the last week, we have communicated with all customers notifying them again of the vulnerability and steps to mitigate.  While we cannot confirm that the attack vectors for this group took place via this vulnerability, we continue to urge customers to implement the upgrade and mitigations. To get more information, please visit our updated blog and immediately refer to the May 2019 [PSIRT] advisory,” concluded Fortinet.

Network administrators and security professionals are therefore encouraged to patch this severe vulnerability immediately.

Also Read: The 5 Benefits Of Outsourcing Data Protection Officer Service

As a safeguard, Fortinet VPN users should change their passwords immediately both on the VPN devices, and any other websites where the same credentials were used.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us