Get a Pentest and security assessment of your IT network.

News

APT hacked a US municipal government via an unpatched Fortinet VPN

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. An APT group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a U.S. municipal government. The feds uncovered the attack in May 2021, government experts reported that the threat actors likely created an account with the username elie to gain persistence on the network. The tools associated with this attack are: Mimikatz (credential theft) MinerGate (crypto mining) WinPEAS (privilege escalation)”]

Source: https://securityaffairs.co/wordpress/118338/apt/fortinet-vpn-us-municipal-government.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2