Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug

Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe's ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target's network 79 hours after the hack. The server, which belonged to an unnamed...

Unpatched Remote Hacking Flaw Disclosed in Fortinet's FortiWeb WAF

Details have emerged about a new unpatched security vulnerability in Fortinet's web application firewall WAF appliances that could be abused by a remote, authenticated attacker to execute malicious commands on the system. "An OS command injection vulnerability in FortiWeb's management interface...

Unpatched vulnerable VPN servers hit by Cring ransomware

By Deeba Ahmed According to Kaspersky's researchers, Cring ransomware operators are targeting vulnerable Fortinet VPN devices/servers. This is a post from HackRead.com Read the original post: Unpatched vulnerable VPN servers hit by Cring ransomware...

Hackers Exploit Fortinet Flaw in Sophisticated Cring Ransomware Attacks

Threat actors are exploiting a Fortinet vulnerability flagged by the feds last week that delivers a new ransomware strain, dubbed Cring, that is targeting industrial enterprises across Europe. Researchers say the attackers are exploiting an unpatched path-reversal flaw, tracked as CVE-2018-13379,...