Hi, As many will likely have heard, there has been a leak of fortinet configuration files posted to the Internet lately.
This leak also contains a large number of private keys that are encrypted with a password, and the password is encrypted with a publicly known static password. I had already written a blogpost about this a few days ago, and have added some updates yesterday and today: https://blog.hboeck.de/archives/908-Private-Keys-in-the-Fortigate-Leak.html Many of those keys belonged to publicly trusted certificates, a smaller number of them were unrevoked at the time of the incident. Also, the data contained keys for Let's Encrypt ACME accounts. I have reported all the certificates with affected private keys to the responsible CAs for revocation, and have disabled the affected ACME accounts. -- Hanno Böck - Independent security researcher https://itsec.hboeck.de/ https://badkeys.info/ -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/20250124100555.67219a0b%40computer.
