- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are Fortinet products affected by the New Fog ransomware?
ArticWolf hasn't release which two vendors are affected, so I was curious if Fortinet products are affected.
http://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Thanks,
- Labels:
-
FortiClient EMS
-
FortiGate
-
SSL-VPN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @jramirez ,
This ransomware affects Windows devices, not firewalls. One of the 2 vendors mentioned in the article may be Fortinet. Because what is meant there is that this ransomware spreads through comprimised VPN information. If your Fortigate is affected by SSL-VPN vulnerabilities, you will be likely to be affected by this ransomware attack.But of course, this does not mean that you will definitely be affected.
"In each of the cases investigated, forensic evidence indicated that threat actors were able to access victim environments by leveraging compromised VPN credentials. Notably, the remote access occurred through two separate VPN gateway vendors. The last documented threat activity in our cases occurred on May 23, 2024."
NSE 4-5-6-7 OT Sec - ENT FW
