<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0"><channel><title>FortiBleed - Tag - Maritimeinfosec.org</title><link>https://maritimeinfosec.org/tags/fortibleed/</link><description>FortiBleed - Tag - Maritimeinfosec.org</description><generator>Hugo -- gohugo.io</generator><language>en-US</language><copyright>Copyright Maritimeinfosec.org 2018-2026</copyright><lastBuildDate>Mon, 06 Jul 2026 12:45:00 +0200</lastBuildDate><atom:link href="https://maritimeinfosec.org/tags/fortibleed/" rel="self" type="application/rss+xml"/><item><title>FortiBleed and the maritime sector: a real exposure?</title><link>https://maritimeinfosec.org/fortibleed-maritime-a-real-exposure/</link><pubDate>Mon, 06 Jul 2026 12:45:00 +0200</pubDate><author>Olivier JACQ</author><guid>https://maritimeinfosec.org/fortibleed-maritime-a-real-exposure/</guid><description><![CDATA[<p>A recap of the facts first. FortiBleed was disclosed in mid-June 2026 by independent researcher <em>Volodymyr &ldquo;Bob&rdquo; Diachenko</em>, who specialises in hunting down databases and servers left open on the Internet. The leak did not surface at a victim&rsquo;s site. He found it on the attackers&rsquo; side: a poorly secured server exposing their tooling, their logs and the credential set itself. The operation, which he attributes to a Russian-speaking multi-operator group, is said to have harvested and then cracked the authentication hashes of tens of thousands of FortiGate appliances, enriching each entry with the target&rsquo;s industry, revenue and headcount - enough to plan future attacks. Several researchers validated part of the batch, among them the British <em>Kevin Beaumont</em>, who confirmed the authenticity of a sample of administration credentials.</p>]]></description></item></channel></rss>