InfoSecBulletin Cybersecurity for mankind
The Dutch military security service MIVD recently revealed that a cyber espionage campaign, which was initially mentioned in February, managed to gain access to around 20,000 Fortigate-secured systems between 2022 and 2023. It is now believed that this campaign “appears to be much more extensive than previously known”.
The Nationaal Cyber Security Centre stated on Monday that the hack was larger than initially believed. The MIVD suspects that the Chinese still have access to certain systems.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
The MIVD said the Chinese espionage campaign targeted “dozens of western governments, international organizations and a large number of defense ministry firms”.
National Cyber Security Centre (NCSC) said that the state-sponsored hackers behind the spying operation were exploiting a vulnerability in FortiGate devices for “at least two months before Fortinet announced the vulnerability.”
The vulnerability, tracked as CVE-2022- 42475 was exploited during this “so-called ‘zero day’ period” to infect 14,000 devices, according to the alert, with targets including “dozens of (Western) governments, international organizations and a large number of companies within the defense industry.”
Since February, the Dutch military intelligence service has discovered that the Chinese threat group obtained access to at least 20,000 FortiGate systems worldwide in 2022 and 2023 over a span of a few months, at least two months before Fortinet disclosed the CVE-2022-42475 vulnerability.
Dutch new reported, China has denied any involvement in the February report, saying the country “always firmly opposes and cracks down on cyber attacks in all forms in accordance with the law.”
“We will not allow any country or individual using Chinese infrastructure to engage in such illegal activities,” the February statement said.
Source: Source: dutchnews, therecord, bleepingcomputer, ncsc
(Media Disclaimer: This report is based on research conducted internally and externally using different ways. The information provided is for reference only, and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information by any means)
