{"id":55287,"date":"2024-02-09T14:30:14","date_gmt":"2024-02-09T14:30:14","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/"},"modified":"2024-02-09T14:30:14","modified_gmt":"2024-02-09T14:30:14","slug":"fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/","title":{"rendered":"Fortinet&#8217;s week to forget: Critical vulns, disclosure screw-ups, and <em>that<\/em> toothbrush DDoS attack claim"},"content":{"rendered":"<p>We&#8217;ve had to write the word &#8220;Fortinet&#8221; so often lately that we&#8217;re considering making a macro just to make our lives a little easier after what the company&#8217;s reps will surely agree has been a week sent from hell.<\/p>\n<p>It all culminated this Friday with the disclosure of yet another critical security vulnerability in FortiOS, impacting its SSL VPN.<\/p>\n<p>Tracked as <a href=\"https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-24-015\" rel=\"nofollow\">CVE-24-21762<\/a>, the 9.6 severity out-of-bounds write issue allows for remote unauthenticated attackers to achieve code execution. There&#8217;s also evidence to suggest it&#8217;s already been exploited as a zero-day.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Security researchers have <a href=\"https:\/\/cyberplace.social\/@GossiTheDog\/111898366290862549\" rel=\"nofollow\">urged<\/a> users to patch vulnerable VPNs as soon as possible since the vulnerability is understood to be easily exploitable.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>There are various different affected versions of FortiOS and different patches available. The vulnerability also impacts unsupported versions, so now is definitely the time to make that upgrade if FortiOS 6.0.x is still running.<\/p>\n<div class=\"reg_tbl_container\">\n<table class=\"reg_tbl center stretch\">\n<tbody readability=\"6\">\n<tr>\n<td>Version<\/td>\n<td class=\"stripe\">Affected<\/td>\n<td>Solution<\/td>\n<\/tr>\n<tr>\n<td>FortiOS 7.6<\/td>\n<td class=\"stripe\">Not affected<\/td>\n<td>Not applicable<\/td>\n<\/tr>\n<tr readability=\"2\">\n<td>FortiOS 7.4<\/td>\n<td class=\"stripe\">7.4.0 through 7.4.2<\/td>\n<td>Upgrade to 7.4.3 or above<\/td>\n<\/tr>\n<tr readability=\"2\">\n<td>FortiOS 7.2<\/td>\n<td class=\"stripe\">7.2.0 through 7.2.6<\/td>\n<td>Upgrade to 7.2.7 or above<\/td>\n<\/tr>\n<tr readability=\"2\">\n<td>FortiOS 7.0<\/td>\n<td class=\"stripe\">7.0.0 through 7.0.13<\/td>\n<td>Upgrade to 7.0.14 or above<\/td>\n<\/tr>\n<tr readability=\"2\">\n<td>FortiOS 6.4<\/td>\n<td class=\"stripe\">6.4.0 through 6.4.14<\/td>\n<td>Upgrade to 6.4.15 or above<\/td>\n<\/tr>\n<tr readability=\"2\">\n<td>FortiOS 6.2<\/td>\n<td class=\"stripe\">6.2.0 through 6.2.15<\/td>\n<td>Upgrade to 6.2.16 or above<\/td>\n<\/tr>\n<tr readability=\"2\">\n<td>FortiOS 6.0<\/td>\n<td class=\"stripe\">6.0 all versions<\/td>\n<td>Migrate to a fixed release<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>The only workaround recommended by Fortinet is to disable the SSL VPN. Disabling webmode won&#8217;t mitigate the vulnerability, it said.<\/p>\n<p>Other vulnerabilities were also disclosed alongside it, such as CVE-2024-23113 \u2013 a critical RCE bug in FortiOS fgfmd daemon, but these haven&#8217;t been exploited in the wild.<\/p>\n<h3 class=\"crosshead\">Buggy bug disclosure and an angry kettle<\/h3>\n<p>Some of you <em>Reg<\/em> readers will have been following the Fortinet-related coverage this week and perused the story about a confusing <a href=\"https:\/\/www.theregister.com\/2024\/02\/06\/fortinet_fortisiem_vulns\/\">double bug disclosure<\/a> on February 6. This was just the start of hell week.<\/p>\n<p>The story immediately attracted our attention since it&#8217;s not too often we hear about two maximum severity bugs being disclosed on the same day, impacting a major security product like FortiSIEM.<\/p>\n<p>However, that&#8217;s what happened on Tuesday with both CVE-2024-23108 and CVE-2024-23109 appearing in the National Vulnerability Database (NVD). The confusing part was that both vulnerabilities were submitted by Fortinet, but both linked back to a separate, earlier October advisory, revealing no details about these seemingly huge new flaws.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>So, hungry vultures we are, we swooped down and picked that story up immediately, shooting Fortinet a request for clarity on the matter and why it hadn&#8217;t published details on them.<\/p>\n<p>Many readers will likely have seen that story since it was among the most-read for a few days, but some may be wondering why we didn&#8217;t update it with the latest available information per our usual high standards.<\/p>\n<p>It took Fortinet more than 73 hours to issue us with an official response. It came through after we started writing this on February 9.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>For those not in tune with how the media works, this is very, very poor form on the vendor&#8217;s part. A response given to a publication even beyond just 24 hours, especially with no explanation as regards the delay, is considered unprofessional.&nbsp;<\/p>\n<p>In the meantime, the company has issued two separate statements to our competitors explaining what exactly has gone wrong with this disclosure. We didn&#8217;t publish this for a number of editorial-related reasons, and prior to the statement issued today, we&#8217;ve only received apologies for the radio silence. Not even copies of the statements given to other publications.<\/p>\n<p>If a 24-hour wait is considered unprofessional, more than three days is a slap in the face.<\/p>\n<p>So, all of that is why our coverage hasn&#8217;t been as timely as we, and you as readers, expect from us.<\/p>\n<p>But, since we&#8217;re providing an overview of the vendor&#8217;s week, what actually happened here was that it absolutely bungled the disclosure of these vulnerabilities.&nbsp;<\/p>\n<p>Firstly, Fortinet backtracked and said these weren&#8217;t vulnerabilities at all, instead explaining that they were issued in error and were duplicates of the single vulnerability mentioned in the aforementioned October advisory \u2013 CVE-2023-34992.<\/p>\n<p>Then, within hours of this, the company backtracked again saying that yes, actually, these are two new vulnerabilities \u2013 two bypasses for October&#8217;s CVE-2023-34992. This came after the researcher credited with the discoveries <a href=\"https:\/\/twitter.com\/Andrew___Morris\/status\/1755305399031386299\" rel=\"nofollow\">published the email<\/a> from Fortinet confirming the findings were indeed actual vulnerabilities. Fortinet retained its 10\/10 severity ratings, while the NVD downgraded both to 9.8.<\/p>\n<p>Fortinet&#8217;s statement from today addressed the &#8216;why&#8217; behind the disclosure, blaming it on &#8220;exceptional circumstances.&#8221;<\/p>\n<p>According to a Fortinet spokesperson:<\/p>\n<h3 class=\"crosshead\">That damned toothbrush story<\/h3>\n<p>Security-minded readers or otherwise, you will all have surely seen the story circulating this week about Java-based, malware-laden toothbrushes being recruited in a 3 million-strong botnet that&#8217;s DDoS-ing Switzerland.<\/p>\n<p>Unlike many of the major national newspapers, and even some well-read tech press, we brushed over this one as something didn&#8217;t quite seem right about it. For Fortinet, it was yet another mess to clean up.<\/p>\n<p>The Swiss newspaper that originally <a href=\"https:\/\/www.luzernerzeitung.ch\/wirtschaft\/kriminalitaet-die-zahnbuersten-greifen-an-das-sind-die-aktuellen-cybergefahren-und-so-koennen-sie-sich-schuetzen-ld.2569480\" rel=\"nofollow\">published the story<\/a> claimed a director of systems engineering at [you can guess the company] told their reporter during an interview that the toothbrush DDoS-ing was actually happening in the real world.<\/p>\n<p>After many <a href=\"https:\/\/cyberplace.social\/@GossiTheDog\/111886861630650390\" rel=\"nofollow\">strongly worded suspicions<\/a> that the <a href=\"https:\/\/www.malwarebytes.com\/blog\/awareness\/2024\/02\/how-to-tell-if-your-toothbrush-is-being-used-in-a-ddos-attack\" rel=\"nofollow\">claim was false<\/a>, and a litany of memes pasted over tech social media, Fortinet responded by saying the claim was simply just lost in translation.<\/p>\n<p>The reporter at the Swiss German daily which originally reported the story then snapped back with <a href=\"https:\/\/www.luzernerzeitung.ch\/wirtschaft\/cyberangriff-die-gehackten-zahnbuersten-gehen-medial-um-die-welt-und-loesen-fragen-aus-wie-es-dazu-kam-ld.2577182\" rel=\"nofollow\">a comeback<\/a> that refuted Fortinet&#8217;s response, saying: &#8220;What the Fortinet headquarters in California is now calling a &#8216;translation problem&#8217; sounded completely different during the research: Swiss Fortinet representatives described the toothbrush case as a real DDoS at a meeting that discussed current threats.&#8221;<\/p>\n<p>Stefan Zuger, the Fortinet engineer who gave the interview, reportedly provided specific details of the DDoS incident, including for how long the attack had been ongoing and the potential damage to the unnamed website it affected, the reporter claimed.<\/p>\n<p>The Swiss reporter also said the article was proofread by Fortinet before publication and nothing in the report was corrected by the vendor.<\/p>\n<h3 class=\"crosshead\">TGIF, right?<\/h3>\n<p>The weekend will doubtless be a welcome reprieve, especially for members of Fortinet&#8217;s publicity team who will have been working tirelessly to undo all the company-wide errors from the past week.<\/p>\n<p>To their credit, they will also be dealing with the response to the reports that were also published this week about <a href=\"https:\/\/www.theregister.com\/2024\/02\/06\/dutch_defense_china_cyberattack\/\">Chinese cyberspies exploiting FortiGate vulnerabilities<\/a> using custom malware.<\/p>\n<p>We at <em>El Reg<\/em> lovingly welcome errors and messes of all kinds. We hate slow news days, so long may it continue\u2026 just as long as we&#8217;re not ignored while it&#8217;s happening. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2024\/02\/09\/a_look_at_fortinet_week\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>An orchestra of fails for the security vendor We&#8217;ve had to write the word &#8220;Fortinet&#8221; so often lately that we&#8217;re considering making a macro just to make our lives a little easier after what the company&#8217;s reps will surely agree has been a week sent from hell.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-55287","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Fortinet&#039;s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Fortinet&#039;s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-02-09T14:30:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Fortinet&#8217;s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim\",\"datePublished\":\"2024-02-09T14:30:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/\"},\"wordCount\":1119,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/\",\"name\":\"Fortinet's week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2024-02-09T14:30:14+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Fortinet&#8217;s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Fortinet's week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/","og_locale":"en_US","og_type":"article","og_title":"Fortinet's week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-02-09T14:30:14+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Fortinet&#8217;s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim","datePublished":"2024-02-09T14:30:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/"},"wordCount":1119,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/","url":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/","name":"Fortinet's week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2024-02-09T14:30:14+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcY3f8d7lBxC679WvO3n5AAAAI8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/fortinets-week-to-forget-critical-vulns-disclosure-screw-ups-and-that-toothbrush-ddos-attack-claim\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Fortinet&#8217;s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55287","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55287"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55287\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55287"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55287"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55287"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}