New Ransomware Strain Exploiting Fortinet VPN Flaw Shut Down Two Factories in Europe
Cisco issues security updates including one for severe RCE flaw, India vows to combat Chinese cyberattacks, Microsoft product flaws garner over $400,000 in first day of Pwn2Own, more
Check out my latest CSO column, which focuses on the less-than-positive reactions by infosec professionals to the leaked details of the Biden administration’s upcoming cybersecurity executive order.
Researchers at Kaspersky Lab say a new human-operated ransomware strain known as Cring (also known as Crypt3r, Vjiszy1lo, Ghost, Phantom) exploits a Fortinet VPN flaw to breach and encrypt industrial sector companies' networks. The ransomware operators shut down two production facilities belonging to a multinational firm headquartered in Germany that has factories in Italy.
The attackers exploit internet-exposed Fortigate SSL VPN servers unpatched against the CVE-2018-13379 vulnerability, which allows them to breach their targets' network and move laterally, stealing Windows user credentials to gain control of the domain administrator account and facilitating the delivery of ransomware.
Fortinet urges customers to implement upgrades and mitigations for the vulnerability immediately, fla…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.