Iranian government-sponsored hackers are exploiting several vulnerabilities in Microsoft Exchange email servers and in products from the cybersecurity company Fortinet to carry out malicious activities, including deploying ransomware, according to federal cyber agencies in the United States, the United Kingdom, and Australia.
The US Cybersecurity and Infrastructure Security Agency (CISA) stated in an advisory that it has identified continuous hostile cyber activity by an advanced persistent threat (APT) group linked to the Iranian government.
“The FBI and CISA have observed this Iranian government-sponsored APT use Fortinet and Microsoft Exchange ProxyShell vulnerabilities to obtain initial access to computers in preparation for follow-on activities, which include spreading ransomware,” CISA said in a statement late Wednesday.
Cybercriminals can “perform data exfiltration, data encryption, or other nefarious activity” by hacking into networks using Fortinet vulnerabilities.
The joint cybersecurity advisory was released by CISA, the FBI, the Australian Cyber Security Centre (ACSC), and the UK’s National Cyber Security Centre (NCSC).
“ACSC is also aware that this APT group exploited the same Microsoft Exchange vulnerability in Australia,” the report stated.
Since at least March 2021, the Iranian government-sponsored APT outfit has exploited Fortinet vulnerabilities and a Microsoft Exchange ProxyShell vulnerability.
The APT actors are aggressively targeting a wide range of victims across critical infrastructure sectors in the United States, including transportation, healthcare, and public health, as well as Australian organisations.
The advisory stated, “These Iranian government-sponsored APT actors can use this access for follow-on operations such as data exfiltration or encryption, ransomware, and extortion.”
The FBI and CISA released warnings in April of this year regarding Fortinet hardware vulnerabilities that were being aggressively exploited.
Microsoft issued its own warning on Wednesday, stating that six Iranian groups are utilising vulnerabilities in the same set of products to spread ransomware.