Fortinet was recently found to have certain vulnerabilities that hackers like the Qilin group exploited. Here’s how they manipulated these weaknesses:
- Misconfigurations in security appliances provided a direct entry point for
- Qilin.Outdated Software: Failure to update Fortinet software allowed the ransomware to exploit known vulnerabilities.
Qilin also employs social engineering tactics to gain unauthorized access:
- Phishing Attacks: Targeting employees with sophisticated emails that mimic legitimate communications, prompting them to inadvertently grant access to malicious actors.
Read more…
Source: MSN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Financial Cyberthreats in 2019
April 16, 2020
Financial cyberthreats are malicious programs that target users of services such as online banking, e-money, and cryptocurrency, or that attempt to gain access to financial organizations and their infrastructure. These threats are usually accompanied by spam and phishing activities, with malicious users creating fake financial-themed pages and emails to steal victims’ credentials. In order to study ...
- RagnarLocker ransomware hits EDP energy giant, asks for €10M
April 14, 2020
Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or €9.9M). EDP Group is one of the largest European operators in the energy sector (gas and electricity) and the world’s 4th largest producer of wind energy. The company is present ...
- Malicious Attackers Target Government and Medical Organizations With COVID-19 Themed Phishing Campaigns
April 14, 2020
Despite prior reporting by various sources indicating that some cyber threat attacker activity may subside in some respects during the COVID-19 pandemic, Unit 42 has observed quite the opposite with regard to COVID-19 themed threats, particularly in the realm of phishing attacks. While the various COVID-19 themed phishing campaigns observed by Unit 42 are numerous, this blog ...
- Threat Spotlight: Gootkit Banking Trojan
April 14, 2020
Gootkit is a sophisticated banking Trojan which can perform various malicious activities such as: web injection, taking screenshots, video recording, email parsing, and so on. Gootkit emerged during the summer of 2014 but is still active, making it a viable threat to financial institutions to this day. BlackBerry most recently observed a Gootkit campaign via AZORult infostealer ...
- Coronavirus Update App Leads to Project Spy Android and iOS Spyware
April 14, 2020
Trend Micro has discovered a potential cyberespionage campaign, which we have named Project Spy, that infects Android and iOS devices with spyware (detected by Trend Micro as AndroidOS_ProjectSpy.HRX and IOS_ProjectSpy.A, respectively). Project Spy uses the ongoing coronavirus pandemic as a lure, posing as an app called Coronavirus Updates. We also found similarities in two older samples ...
- Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain
April 14, 2020
Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image when victim accesses their online banking account. In the background, meanwhile, the ...