Today: September 23, 2025
Subscribe
November 18, 2021
1 min read

Iran-backed hackers exploiting Microsoft, Fortinet bugs

The group has highlighted the ongoing malicious cyber activity by an advanced persistent threat (APT) group associated with the government of Iran…reports Asian Lite News

Federal cyber agencies across the US, the UK and Australia have warned that the Iranian government-sponsored hackers are exploiting several vulnerabilities in Microsoft Exchange email server and cyber security company Fortinet to perform malicious activities, which include deploying ransomware.

In an advisory, The US Cybersecurity and Infrastructure Security Agency (CISA) said that they have highlighted the ongoing malicious cyber activity by an advanced persistent threat (APT) group associated with the government of Iran.

“The Federal Bureau of Investigation (FBI) and CISA have observed this Iranian government-sponsored APT exploit Fortinet and Microsoft Exchange ProxyShell vulnerabilities to gain initial access to systems in advance of follow-on operations, which include deploying ransomware,” the CISA said in a statement late on Wednesday.

By breaking into systems through Fortinet vulnerabilities, cybercriminals can “conduct data exfiltration, data encryption, or other malicious activity.”

The CISA, the FBI, the Australian Cyber Security Centre (ACSC), and the UK’s National Cyber Security Centre (NCSC) have released the joint cybersecurity advisory.

“ACSC is also aware this APT group has used the same Microsoft Exchange vulnerability in Australia,” it read.

The Iranian government-sponsored APT group has exploited Fortinet vulnerabilities since at least March 2021 and a Microsoft Exchange ProxyShell vulnerability since at least October 2021.

The APT actors are actively targeting a broad range of victims across multiple US critical infrastructure sectors, including the transportation sector and the healthcare and public health sector, as well as Australian organisations.

ALSO READ: Iran reckons India’s role to help peace and stability is very important

“These Iranian government-sponsored APT actors can leverage this access for follow-on operations, such as data exfiltration or encryption, ransomware, and extortion,” the advisory read.

In April this year, the FBI and CISA issued warnings about the vulnerabilities in Fortinet gear being actively exploited.

Microsoft on Wednesday issued its own warning of six Iranian groups using vulnerabilities in the same pair of products to deploy ransomware.

Tags:

Related Posts

Previous Story

Dragon’s trap choke Lanka

Next Story

India at UNSC meet calls for inclusive dispensation in Afghanistan

Latest from Arab News

Riyadh and Islamabad Forge Closer Military Ties

Saudi Arabia and Pakistan strengthen defence ties as shifting regional dynamics push both nations to seek new security alignments Saudi Arabia and Pakistan have deepened their long-standing military partnership by agreeing to

Iran Warns of ‘Strategic Surprises’

Mousavi assured Iranians that the country’s armed forces, relying on strategic surprises, stand fully prepared to confront any threat from “oppressive powers” Major General Abdolrahim Mousavi, Chief of Staff of Iran’s Armed

New York summit for two states

France and Saudi Arabia host a New York summit on Palestinian statehood, with global leaders set to recognise Palestine despite Israel and US boycotts and threats. France and Saudi Arabia will host

Dubai’s big startup bet!

H.H. Sheikh Mohammed launches bold national campaign to transform the UAE into the world’s startup capital, training 10,000 Emirati entrepreneurs and creating 30,000 jobs by 2030. Dubai’s ruler, His Highness Sheikh Mohammed

Palestine Hails Western Recognition

Palestine’s Foreign Ministry welcomed Canada, Australia, and the UK recognising the State of Palestine, saying it aligns with international law….reports Asian Lite News Palestine’s Foreign Ministry has welcomed the recognition of the
Go toTop

Don't Miss

Iran denounces US move to remove it from UN women’s commission

The Iranian envoy said the request for canceling Iran’s membership

Iranian FM apologises for leaked audio

Iran’s Supreme Leader Ayatollah Ali Khamenei has publicly slammed Foreign