US, UK warn of Iranian hackers exploiting Microsoft Exchange, Fortinet
US, UK, and Australian cybersecurity agencies warned today of ongoing exploitation of Microsoft Exchange ProxyShell and Fortinet vulnerabilities linked to an Iranian-backed hacking group.
The warning was issued as a joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC).
“FBI and CISA have observed this Iranian government-sponsored APT group exploit Fortinet vulnerabilities since at least March 2021 and a Microsoft Exchange ProxyShell vulnerability since at least October 2021 to gain initial access to systems in advance of follow-on operations, which include deploying ransomware,” CISA said.
Related
Tagged $5 Million Insurance, 2FA, 2G/EDGE, 3G/HSDPA, 4G/LTE, 5G, AAPL, Alibaba, Ann Cavoukian, Anonymous, Apple customers, Apple's M1 chip, batteries, Bitcoin, BTC, BTC-USD, California Pizza Kitchen, card readers, Cell Phone, Certified, Cloud Paks, Cognos, Corvus Risk Insights Index, Covid-19 status, CPK, CPK Data Breach, Crypto, CRYPTO: DOGE, cryptojacking, Cyber insurance, data on hacking forum, Db2, desktops, device IDs, displays, DOGE, efani, efani secure cell service, efani.biz, efanigroup, Encryption, End-to-End, Ethereum, Fake Vaccine Certificates, Global Privacy, IBM Software, laptops, Litecoin, Microsoft Exchange Server, Military-Grade, mobile, mobile devices, Murphy Law Firm, NASDAQ: AAPL, NASDAQ: HOOD, NASDAQ: LCID, NFT, Ontario privacy, Private, Q, Q4 2021, QRadar, Robinhood Hacker, Secure, seeking data on forum, Self-Sovereign Identities, Senior VP, SIM, SIM Swap, SMS, St. John’s, TikTik, Tom Rosamilia, Trump, Vaccine Certificates, Watson, WiFi