Researchers say attackers are exploiting an unpatched path-reversal flaw, tracked as CVE-2018-13379, in Fortinet s FortiOS. The goal is to gain access to victims enterprise networks and deliver ransomware. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) warned last week that nation-state advanced persistent threat (APT) groups were actively exploiting known security vulnerabilities in the Fortinet FortiOS operating system. Cring is relatively new to the ransomware threat landscape which already includes dominant strains REvil, Ryuk, Maze and Conti.
Source: https://threatpost.com/hackers-exploit-flaw-cring-ransomware/165300/