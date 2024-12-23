Data Security

Intrusions exploiting critical Fortinet EMS bug ongoing

Organizations in Brazil, Peru, France, Spain, Switzerland, Croatia, Namibia, India, Turkey, Mongolia, Indonesia, and the United Arab Emirates have been targeted in attacks targeting Fortinet FortiClient EMS instances affected by the critical SQL injection vulnerability, tracked as CVE-2023-48788, to facilitate remote desktop software injections, according to The Hacker News.

Threat actors leveraged the flaw to compromise an unnamed organization's internet-exposed Windows system with a ScreenConnect executable that enabled the remote deployment of the webbrowserpassview.exe and netpass64.exe password recovery tools, Mimikatz executable, netscann.exe network scanner, and AnyDesk for credential theft, network enumeration, and remote control, an analysis from Kaspersky revealed. Other intrusions involving the flaw sought to execute a PowerShell script that allowed data gathering from at-risk targets. "The analysis of this incident helped us to establish that the techniques currently used by the attackers to deploy remote access tools are constantly being updated and growing in complexity," said researchers.

Related

Ascension Health attack hits nearly 5.6M

Major U.S. healthcare system Ascension Health had data from more than 5.599 million patients and employees compromised in a cyberattack earlier this year, which was attributed to the Black Basta ransomware-as-a-service operation, Cybernews reports

Keepit secures $50M

Proceeds from the latest round will be used to accelerate the company’s growth into key markets such as the United States and Europe, alongside other high-growth regions.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

BitBlock CipherCiphertextData AggregationData Encryption Standard (DES)Data Loss Prevention (DLP)DecryptionDiffie-HellmanDigital EnvelopeDigital Signature

You can skip this ad in 5 seconds