skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Hackers Exploit Fortinet EMS Vulnerability for Remote Access

/ 1 min read

🕵️‍♂️ Hackers exploit critical Fortinet vulnerability to deploy remote access tools. A recently patched SQL injection vulnerability, CVE-2023-48788, with a CVSS score of 9.3, is being actively exploited by cybercriminals to install remote desktop software like AnyDesk and ScreenConnect on compromised systems. Russian cybersecurity firm Kaspersky reported that the attacks targeted a company’s Windows server exposed to the internet, allowing unauthorized code execution. The threat actors utilized this vulnerability to gain initial access, subsequently uploading various payloads for credential harvesting and lateral movement within the network. The campaign has affected companies across multiple countries, including Brazil, France, and Turkey, highlighting the evolving tactics of cyber attackers. Kaspersky noted ongoing attempts to weaponize the vulnerability, indicating a persistent threat landscape.

Source
{entry.data.source.title}
Original