APT41 Compromised Six U.S. State Government Networks | allinfosecnews.com

March 11, 2022, 7:39 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware of a report that threat actor APT41 compromised at least six networks belonging to U.S. state governments between May 2021 and February 2022. To gain a foothold into the victim's network, the threat actor used a number of different attack vectors: exploiting vulnerable Internet facing web applications and directory traversal vulnerabilities, performing SQL injection, and conducting de-serialization attacks. The intent of APT41 appears to be reconnaissance, though how the stolen information is to be used has …

apt41 government networks state state government

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

Akira Ransomware Attack 2 hours ago | fortiguard.fortinet.com

access advisory akira akira ransomware +17

PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 4 days, 7 hours ago | fortiguard.fortinet.com

advisory attack code code injection +27

XZ Utils Supply Chain Attack (CVE-2024-3094) 2 weeks, 2 days ago | fortiguard.fortinet.com

attack code compression cve +25

Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 3 weeks, 2 days ago | fortiguard.fortinet.com

access attacker code code execution +25

Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 3 weeks, 3 days ago | fortiguard.fortinet.com

access application application developers attackers +31

Kimsuky Malware Attack 3 weeks, 4 days ago | fortiguard.fortinet.com

attack cyber entities espionage +15

JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month ago | fortiguard.fortinet.com

attacker authentication authentication bypass bypass +15

ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 month, 3 weeks ago | fortiguard.fortinet.com

access advisory application attackers +28

Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410) 2 months ago | fortiguard.fortinet.com

attacks can critical cve +27

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Intermediate Security Engineer, (Incident Response, Trust & Safety)

@ GitLab | Remote, US

View on infosec-jobs.com

Journeyman Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States

View on infosec-jobs.com

Project Manager II - Compliance

@ Critical Path Institute | Tucson, AZ, USA

View on infosec-jobs.com

Junior System Engineer (m/w/d) Cyber Security 1

@ Deutsche Telekom | Leipzig, Deutschland

View on infosec-jobs.com