Business Security Devices Being Used to Launch Ransomware Attacks
Hackers stole login credentials from FortiGate firewalls (security devices used by businesses) and are now using them to launch ransomware attacks.
Source
SecurityWeek
Original headline: FortiBleed Campaign Linked to INC, Lynx Ransomware Attacks
Plain-English summary by GetCyberRight. Read the full report at the source above.
Hackers have stolen login credentials from hundreds of thousands of FortiGate firewalls. These are security devices that businesses use to protect their networks. The attackers collected usernames and passwords from these devices and are now selling or using that access to help ransomware gangs break into companies. Two ransomware groups called INC and Lynx are using this stolen information to lock up business computers and demand payment. This threat primarily affects businesses, schools, hospitals, and other organizations that use FortiGate firewall devices to protect their networks. If you work for a company or organization, your employer's network could be at risk if they use these devices. For home internet users, this does not directly affect your home network unless you specifically purchased and installed a FortiGate device for personal use, which is uncommon for residential settings. If you work in an office or organization, you should take these steps now. First, alert your IT department or technology manager about this threat if they are not already aware. Second, if you have access to any business systems from home, make sure you are using strong, unique passwords for each account. Third, enable two-factor authentication on all work accounts that offer it. This adds an extra security step beyond just your password. Fourth, be extra cautious about suspicious emails or requests to log in to work systems, especially if they seem urgent or unusual.
To protect yourself long term, never reuse passwords across different accounts. Use a password manager to create and store strong, unique passwords for every site and service. Always turn on two-factor authentication when it is available. Stay alert for phishing emails that try to trick you into giving away your login information. If something feels suspicious at work, report it to your IT team right away. Quick reporting can stop an attack before it spreads.
Curated from trusted cybersecurity sources by GetCyberRight
Source: SecurityWeekStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Free Game Teaches Kids About Online Safety Through Play on Roblox
Europol created Cyber Defenders, a free game on Roblox that teaches children how to spot fraud, identity theft, and grooming through interactive missions rather than lectures.
2 min read
New Free Game Teaches Kids About Online Safety Through Play
Europol created a free Roblox game that helps children learn to spot scams, identity theft, and online predators through interactive missions.
2 min read
Claude AI Subscription Change: What It Means for Your Family
If you use Claude AI through a subscription, one version will be temporarily unavailable starting July 7. The company says it will return soon.
2 min read
Popular AI Chat Service Making Temporary Changes to Subscription Plans
If your family uses Claude AI for homework help or work tasks, one version will be temporarily unavailable starting in July but will return soon.
2 min read