"A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. [The exploitable vulnerability has since been patched.] The list of Fortinet credentials was leaked for free by a threat actor known as 'Orange,' who is the administrator of the newly launched RAMP hacking forum and a previous operator of the Babuk Ransomware operation... ..the IP addresses are for devices worldwide, with 2,959 devices located in the USA... It is unclear why the threat actor released the credentials rather than using them for themselves, but it is believed to have been done to promote the RAMP hacking forum and the Groove ransomware-as-a-service operation..." https://www.bleepingcomputer.com/ne...-passwords-for-500-000-fortinet-vpn-accounts/
