City

Marathi | Hindi

Epaper

Iran-backed hackers exploiting Microsoft, Fortinet bugs

By IANS | Updated: November 18, 2021 10:25 IST

San Francisco, Nov 18 Federal cyber agencies across the US, the UK and Australia have warned that the ...

Open in App

Iran-backed hackers exploiting Microsoft, Fortinet bugs

San Francisco, Nov 18 Federal cyber agencies across the US, the UK and Australia have warned that the Iranian government-sponsored hackers are exploiting several vulnerabilities in Microsoft Exchange email server and cyber security company Fortinet to perform malicious activities, which include deploying ransomware.

In an advisory, The US Cybersecurity and Infrastructure Security Agency (CISA) said that they have highlighted the ongoing malicious cyber activity by an advanced persistent threat (APT) group associated with the government of Iran.

"The Federal Bureau of Investigation (FBI) and CISA have observed this Iranian government-sponsored APT exploit Fortinet and Microsoft Exchange ProxyShell vulnerabilities to gain initial access to systems in advance of follow-on operations, which include deploying ransomware," the CISA said in a statement late on Wednesday.

The CISA, the FBI, the Australian Cyber Security Centre (ACSC), and the UK's National Cyber Security Centre (NCSC) have released the joint cybersecurity advisory.

"ACSC is also aware this APT group has used the same Microsoft Exchange vulnerability in Australia," it read.

The Iranian government-sponsored APT group has exploited Fortinet vulnerabilities since at least March 2021 and a Microsoft Exchange ProxyShell vulnerability since at least October 2021.

The APT actors are actively targeting a broad range of victims across multiple US critical infrastructure sectors, including the transportation sector and the healthcare and public health sector, as well as Australian organisations.

"These Iranian government-sponsored APT actors can leverage this access for follow-on operations, such as data exfiltration or encryption, ransomware, and extortion," the advisory read.

In April this year, the FBI and CISA issued warnings about the vulnerabilities in Fortinet gear being actively exploited.

Microsoft on Wednesday issued its own warning of six Iranian groups using vulnerabilities in the same pair of products to deploy ransomware.

Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor

Tags: Microsoft Exchange ServerFortinetusSan FranciscoSan francisco bayJose d'sa
Open in App

Related Stories

NationalAir India Flight From San Francisco to Mumbai Suffers Technical Snag; Passengers Deplaned at Kolkata Airport (Watch Videos)

InternationalOrganic Ground Beef Recalled Over E. Coli Fears in US - Is Yours Affected?

InternationalTennessee: One Killed, Several Injured After Woman Suffers Seizure While Driving, Hits Pedestrians and Vehicles in Gatlinburg

InternationalUS: 250 Million Bees Escape After Semi-Truck Overturns in Whatcom County; Weidkamp Road Closed to Traffic

InternationalSan Diego Plane Crash: Drummer Daniel Williams Among 6 Killed After Small Jet Crashes Into Neighbourhood in California (Watch Video)

Technology Realted Stories

TechnologyDGCA gives clean chit to Air India’s Boeing 787 fleet amid thorough inspection

TechnologyNo major safety concerns with Air India’s Boeing 787 fleet: DGCA

TechnologyAndhra Pradesh plans to establish three circular economy parks

TechnologyIPO-bound Arisinfra's net loss widens to Rs 17.3 crore, revenue drops nearly 7 pc in FY24

TechnologyUnion Minister Jitendra Singh reviews progress of science and technology institutes in Northeast