: Examine your firewall logs for any unauthorized administrative access dating back to late 2022.
The file is linked to a significant cybersecurity incident involving the Belsen Group (or a group using that name) that surfaced around mid-January 2025.
: Ensure your firmware is updated to versions that patch CVE-2022-40684 . Configs Leaked.rar
Security researchers and community members on platforms like Reddit have been mapping the leaked IPs to identify affected organizations. If you are an administrator of a FortiGate device:
: Because these configuration files are not typically stored centrally by the manufacturer, security experts believe the leak originated from individual firewall exploits rather than a breach of Fortinet's own systems. Response and Remediation : Examine your firewall logs for any unauthorized
Unknown group releases Fortinet config files and VPN ... - Heise
: Immediately change all administrative and VPN passwords. Security researchers and community members on platforms like
: The .rar archive reportedly includes sensitive information such as: IP addresses and port details. Firewall configuration settings. Hashed or plain-text VPN passwords.