The Qilin ransomware, associated with the Phantom Mantis group, has been leveraging Fortinet vulnerabilities to target organizations worldwide, including high-profile entities like NHS hospitals and major corporations. The campaign exploits multiple flaws, including zero-day vulnerabilities, to gain initial access and deploy ransomware, with a current regional focus on Spanish-speaking countries.
Key points
- Qilin ransomware is exploiting multiple Fortinet vulnerabilities to attack various organizations globally.
- The operation has targeted high-profile organizations such as NHS hospitals, as well as automotive and publishing companies.
- Recent attacks include exploits of CVE-2024-55591, a zero-day vulnerability, and CVE-2024-21762, which was patched in February.
- Threat actors are currently focusing on organizations in Spanish-speaking countries but are expanding their targeting opportunistically.
- Nearly 150,000 Fortinet devices remain vulnerable despite patches, highlighting ongoing security risks.