Tag: fortinet
Rise in ‘brute force’ attacks on VPNs
The past four weeks have seen a sharp global increase in ‘brute force’ attacks on virtual private network (VPN) services, which supply private networks using encryption over the internet. ‘Brute force’ attacks use trial and error to crack passwords, login credentials, and encryption keys. New life has been breathed into what is an old hacking technique with widely available software using artificial intelligence (AI) that can carry out large numbers of attempts automatically. Cisco Talos Intelligence Group reports a sharp rise worldwide in this type of attack against targets, including virtual private network (VPN) services and web authentication interfaces. “Cisco Talos has been actively monitoring a global increase in brute-force attacks against a variety of targets, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services since at least March 18, 2024. The traffic related to these attacks has increased with time and is likely to continue to rise,” predicts Cisco Talos
US Department of Health and Human Services Falls Victim to Social Engineered Scam – April 11th
The US Department of Health and Human Services (HHS) reported that they fell victim to a social engineering scam over the phone, imitating HHS' financial department, convincing them to hand over ID verification details. The threat actors, aside from imitating HHS' financial department, pulled the attack off by using local area codes and AI voice-changing technology to disguise themselves. The surrendered information could lead to threat actors bypassing multifactor authentication (MFA) security.
Facebook’s “Project Ghostbusters” Discovered to Spy on Snapchat Traffic – March 27th
A federal court in California earlier this week released documents that revealed Facebook's 2016 "Project Ghostbusters" campaign. The campaign was designed to mine Snapchat user data to understand their behavior better. The project was a part of Facebook's In-App Action Panel (IAPP) program, which used techniques to intercept and decrypt encrypted app traffic from Snapchat and, later, from YouTube and Amazon.
CISA Systems Shut Down Due to Third-Party Breach – March 11th
Cybersecurity and Infrastructure Security Agency (CISA) confirmed that two of its systems were voluntarily shut down due to a breach stemming from Ivanti vulnerabilities last month. Despite the successful attack mitigation, CISA claims to upgrade and modernize its systems to avoid breaches of this nature in the future.
Ransomware Payments Reach a Collective Payout Estimated at $1B in 2023 – February 8th
According to Chainalysis, the estimated total value received by ransomware attackers reached $1.1B in 2023. The Chainalysis report also states that the estimated $1.1B only pertains to ransomware demands collected, and does not account for operational and third-party disruption costs.
Chinese Malware Breaches Dutch Defense Department – February 7th
Specialists from the Netherlands' Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) announced a Chinese nation-state-sponsored malware 'Coathanger' and its breach on the Dutch Ministry of Defense (MoD). The stealthy 'Coathanger' malware's code revealed a remote access trojan (RAT) specifically built to infiltrate Fortinet's FortiGate firewalls through the 'CVE-2022-42475' vulnerability, which resulted in stolen user account credentials from the Dutch MoD's servers.