Urgent Alert: Fortinet Flaw Exploited to Drop BOLDMOVE Backdoor - What You Need to Know and How to Protect Yourself
Fortinet is a multinational cybersecurity company that offers a wide range of security products, including firewalls, antivirus software, and VPNs. Recently, a flaw in Fortinet's FortiOS software was found to have been exploited by a cybercriminal group known as "Wild Neutron" to drop a backdoor called BOLDMOVE.
The flaw, found in Fortinet's FortiOS SSL VPN web portal, allows attackers to gain unauthorized access to a network by exploiting a vulnerability in the software's authentication process. Once the attackers have gained access, they use the BOLDMOVE backdoor to maintain persistence and move laterally within the network, potentially stealing sensitive information or launching other types of cyberattacks.
Fortinet has released a patch to fix the vulnerability and recommends that all customers update their software as soon as possible. Additionally, users can protect themselves against this exploit by enabling two-factor authentication on their FortiOS SSL VPN web portal and monitoring their network for suspicious activity.
The Wild Neutron group has been active since at least 2018 and is known for primarily targeting government organizations, financial institutions, and healthcare companies.
In summary, a flaw in Fortinet's FortiOS software has been exploited by the cybercriminal group "Wild Neutron" to drop the BOLDMOVE backdoor. Fortinet has released a patch to fix the vulnerability, and users should update their software and enable two-factor authentication to protect themselves from this exploit.
