US, UK, and Australia pin Iran for exploiting Fortinet and Exchange holes

18 November 2021

Cyber authorities across the US, UK, and Australia have called for administrators to immediately patch a quartet of vulnerabilities — CVE-2021-34473, 2020-12812, 2019-5591, and 2018-13379 — after attributing some attacks that used them to attackers backed by Iran. “FBI and CISA have observed this Iranian government-sponsored APT group exploit Fortinet vulnerabilities since at least March 2021, and a Microsoft Exchange ProxyShell vulnerability since at least October 2021 to gain initial access to systems in advance of follow-on operations, which include deploying ransomware,”

Read full article on ZDNet

Date:

18 November 2021

Categorie(s):

NEWS

Tag(s):

Actors, APTs, Cyber, Exchanges, K

Severe Flaws Disclosed in Brocade SANnav SAN Management Software26 April 2024
Microsoft credentials targeted by phishing campaign using Autodesk Drive26 April 2024
Novel Kaolin RAT malware distributed in Lazarus Group attacks26 April 2024
Infections with abandoned PlugX USB worm continue to be prevalent26 April 2024
Phishing attack compromises LA County Health Services data26 April 2024