Ctrl+Alt+Oops: FortiBleed criminal's logins stitch two gangs together
ID: 62c401f7-1f97-5881-acc2-f8eff1e4f6b3
STIX ID: report--62c401f7-1f97-5881-acc2-f8eff1e4f6b3
Feed Name: The Register (Security)
Researchers linked the widespread FortiBleed credential-harvesting campaign to active ransomware operations after discovering an access broker operator logged into both INC and Lynx affiliate panels; attackers intercepted VPN authentication hashes, cracked them with a 45-GPU cluster, gained admin access to hundreds of FortiGate environments, and on hundreds of targets executed full attack chains leading to domain controller and domain admin compromise, with high-profile organizations among the suspected victims.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
