ArticWolf hasn't release which two vendors are affected, so I was curious if Fortinet products are affected.
http://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Thanks,
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @jramirez ,
This ransomware affects Windows devices, not firewalls. One of the 2 vendors mentioned in the article may be Fortinet. Because what is meant there is that this ransomware spreads through comprimised VPN information. If your Fortigate is affected by SSL-VPN vulnerabilities, you will be likely to be affected by this ransomware attack.But of course, this does not mean that you will definitely be affected.
"In each of the cases investigated, forensic evidence indicated that threat actors were able to access victim environments by leveraging compromised VPN credentials. Notably, the remote access occurred through two separate VPN gateway vendors. The last documented threat activity in our cases occurred on May 23, 2024."
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1703 | |
1092 | |
752 | |
446 | |
229 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.