Lucene search

Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns

🗓️ 17 Nov 2021 17:01:04Reported by Lisa VaasType

A state-backed Iranian threat actor exploiting Fortinet and Microsoft Exchange vulnerabilities, aiming to deploy BitLocker ransomware and other attacks, has invoked a warning from CISA and been tracked globally

Reporter	Title	Published	Views	Family All 199
The Hacker News	U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws	17 Nov 202115:44	–	thn
The Hacker News	New Incident Report Reveals How Hive Ransomware Targets Organizations	21 Apr 202210:00	–	thn
The Hacker News	MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks	22 May 202407:41	–	thn
The Hacker News	WARNING: Microsoft Exchange Under Attack With ProxyShell Flaws	22 Aug 202109:51	–	thn
The Hacker News	U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks	15 Sep 202206:49	–	thn
The Hacker News	A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries	4 Oct 202112:48	–	thn
The Hacker News	Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East	5 Sep 202416:19	–	thn
The Hacker News	Unpatched Remote Hacking Flaw Disclosed in Fortinet's FortiWeb WAF	18 Aug 202103:41	–	thn
The Hacker News	ProxyNotShell – the New Proxy Hell?	4 Oct 202208:05	–	thn
The Hacker News	Hackers Exploiting ProxyLogon and ProxyShell Flaws in Spam Campaigns	22 Nov 202111:47	–	thn

Source	Link
threatpost	www.threatpost.com/hades-ransomware-connections-hafnium/165069/
us-cert	www.us-cert.cisa.gov/ncas/current-activity/2021/11/17/iranian-government-sponsored-apt-cyber-actors-exploiting-microsoft
microsoft	www.microsoft.com/security/blog/2021/11/16/evolving-trends-in-iranian-threat-actor-activity-mstic-presentation-at-cyberwarcon-2021/
media	www.media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/11/17104422/Fig1b-ransomware-timeline.jpg
threatpost	www.threatpost.com/apt-ta453-siphons-intel-mideast/167715/
thedfirreport	www.thedfirreport.com/2021/11/15/exchange-exploit-leads-to-domain-wide-ransomware/
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
threatpost	www.threatpost.com/fbi-apts-actively-exploiting-fortinet-vpn-security-holes/165213/
ic3	www.ic3.gov/media/news/2021/210402.pdf
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Nov 2021 17:04Current

10High risk

Vulners AI Score10

CVSS210

CVSS39.1

EPSS0.94454