About UsCareersBlogLog In|Log Out
Cyber Security ResourceCyber Security Resource
  • Home
  • Products
    • IT Security Partnership Program
    • Cyber Security Resource Community
    • Third Party Risk Management
    • Managed Detection and Response
  • Services
    • Cyber Security Risk Assessment
    • HITRUST Readiness Assessment
    • Cyber Security Advisory Services
    • Penetration Test
    • Vulnerability Assessment
  • Solutions
    • Security Awareness & Training
    • Email Phishing
    • Antivirus – Antimalware
  • Resources
    • Cyber Security Resource Library
    • IT Governance
    • Information Security
    • Risk Management
    • Vulnerability Management
    • Incident Response
  • Partners
    • Consultants Network
    • Sales Partners
Facebook
Twitter
LinkedIn
YouTube
About UsCareersBlogLog In|Log Out

Cring Ransomware Used in Attacks on European Industrial Firms

April 7, 2021AddMgrNo Comments
https://img.deusm.com/darkreading/dr_staff_125x125.jpg

Attackers exploited a vulnerability in Fortigate VPN servers to gain access to target networks, researchers report.

Researchers with Kaspersky say several companies in Europe’s industrial sector were recent victims of attacks using Cring ransomware. 

Attackers exploited CVE-2018-13379, a vulnerability in Fortigate SSL VPN servers, to gain access to the victim’s networks, researchers report. The unpatched servers were exposed to the Internet. 

This vulnerability was publicized in 2019 but not all devices were updated. Offers to sell a ready-made list containing IP addresses of Internet-facing vulnerable devices began to appear on Dark Web forums in autumn 2020, according to a report from Kaspersky. 

“With such an IP address, an unauthenticated attacker can connect to the appliance through the Internet and remotely access the session file, which contains a username and password stored in clear text,” researchers say.

These attacks were first mentioned by a member of CSIRT team of Swiss telecommunications provider Swisscom. Kaspersky then conducted an investigation at one of the affected enterprises to learn more about how the servers were being infected.

More information on the attacks can be found here.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Recommended Reading:

More Insights

This post was originally published on this site

AddMgr
Our passion at Cyber Security Resource is to work with IT Security Officers, Risk Managers, IT Managers, and Business Professionals to meet their Compliance and IT Security requirements. We offer IT security risk assessments, network and application penetration testing, and security certification readiness for Hitrust or SOCII.
Previous post Voice-Changing Software Found on APT Attackers' Server Next post Network Security News Summary for Monday February 1st, 2021

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get Our Newsletter

  • Virtual CISO Advisory Services
  • Cyber Security Risk Assessment
  • Vulnerability Assessment
  • Penetration Test
  • Cyber Security Awareness Training

Latest News

  • HITRUST Certification vs HIPAA: What you Need to Know
  • Why Do Businesses Need an Incident Response Plan?
  • Vulnerability Assessment vs. Penetration Testing: What’s the Difference?
  • Healthcare Cyber Security Trends: What You Need to Know Now and Going Forward
  • How To Perform a Cyber Security Risk Analysis For Any Organization.
HomeAccountPrivacy PolicyReturn & Refund PolicyTerms and ConditionsAbout UsContact Us

Return & Refund Policy - Terms and Conditions