Kaspersky: ‘Cring’ Group Targeting European Organizations is exploiting an old Fortigate VPN server flaw. The gang behind “Cring” is exploiting a Fortinet VPN server vulnerability that the company patched in 2019. Once in the victim’s environment, the attackers encrypt data and then demand a ransom of two bitcoins ($113,768) for decrypting the files. U.S. Cybersecurity and Infrastructure Security Agency and the FBI have been scanning for Fortinet vulnerabilities since March (see: FBI and CISA: APT Groups Targeting Government Agencies)”]
Source: https://www.bankinfosecurity.com/ransomware-gang-exploits-old-fortinet-vpn-flaw-a-16365