CyberSec Roundup
A synopsis of the latest Cybersecurity News

FortiOS vulnerability

A hacker who managed to exploit a vulnerability in Fortinet VPNs has posted the IP addresses and credentials for approximately 50,000 of the appliances. The appliances belong to various banks, telecoms and government organizations. The exploit is from a FortiOS vulnerability which was reported early last year which Fortinet has asked their clients to patch. If the device has been recently patched, it would still be a good idea to change credentials of accounts on the device.

Belden Hacked

Belden, a global supplier of networking components suffered a cyber attack last week. They disclosed that they are currently investigating the incident, but it appears the attackers were able to access employee information and some company information through some of their file servers.  

Federal Phishing

U.S. citizens need to be on the lookout for new phishing schemes from cybercriminals pretending to be government agencies offering access to federal aid programs. They ask unsuspecting victims to enter their personal information into online forms. This information can be used for criminal activities such as identity theft.

High Remediation Costs

Sopra Steria was hit with a Ryuk ransomware attack in October. They refused to pay the ransom, and have now reported that the attack will cost them between $48 to $60 million. These would include a combination of costs associated with downtime, and restoring any IT assets that were infected. The ransom that was demanded is unknown.

By: David Pinder
IT & Security Consultant
Certified Ethical Hacker