
Hackers Breaking Into Business Networks Through Security Devices
Attackers gained access to thousands of Fortinet firewalls and are now selling that access to ransomware criminals who lock up computers and demand payment.
Source
Dark Reading
Original headline: FortiBleed Actors Collaborating With Inc, Lynx Ransomware Gangs
Plain-English summary by GetCyberRight. Read the full report at the source above.
Cybercriminals have broken into thousands of Fortinet firewall devices. These are security tools that businesses use to protect their computer networks. After gaining access, the hackers are now making money by selling this access to ransomware gangs. These ransomware criminals use the stolen access to break into businesses, lock their computers, and demand payment to unlock them. The attackers are also exploiting a separate security flaw in Nextcloud, which is cloud storage software some organizations use. This mainly affects businesses, schools, healthcare facilities, and other organizations that use Fortinet firewalls or Nextcloud software. If you work for a company, your employer's network could be vulnerable.
Your personal information stored at work, such as payroll details, contact information, or health records, could be at risk if your employer is targeted. Home users are generally not affected unless your household specifically uses these business-grade products. If you work for an organization, take action now. First, inform your IT department about this threat if they have not already addressed it. Second, change your work passwords immediately, especially if you access work systems remotely. Make each password strong and unique. Third, turn on two-factor authentication for all your work accounts. This requires both your password and a second verification step, like a code sent to your phone. Fourth, watch your bank accounts and credit reports for unusual activity, especially if your employer stores your financial information. For long term protection, use different passwords for every account you have. A password manager can help you create and remember strong passwords. Always enable two-factor authentication when offered. Be suspicious of unexpected emails asking you to click links or download files, even if they appear to come from coworkers. Report anything unusual to your IT team immediately. Fast reporting helps stop attacks before they cause serious damage.
Curated from trusted cybersecurity sources by GetCyberRight
Source: Dark ReadingStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Hackers Turning Security Device Access into Ransomware Profits
After breaking into thousands of business security systems, attackers are now selling that access to ransomware gangs who lock files and demand money.
2 min read
Free Game Teaches Kids About Online Safety Through Play on Roblox
Europol created Cyber Defenders, a free game on Roblox that teaches children how to spot fraud, identity theft, and grooming through interactive missions rather than lectures.
2 min read
New Free Game Teaches Kids About Online Safety Through Play
Europol created a free Roblox game that helps children learn to spot scams, identity theft, and online predators through interactive missions.
2 min read
Claude AI Subscription Change: What It Means for Your Family
If you use Claude AI through a subscription, one version will be temporarily unavailable starting July 7. The company says it will return soon.
2 min read