HealthcareCISO

US cyber officials along with allies from Australia and the UK issued an advisory warning the healthcare and transportation sectors about an Iranian government-sponsored advanced persistent threat (APT) group that has been exploiting Microsoft Exchange ProxyShell and Fortinet vulnerabilities.

The FBI, along with the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) have observed the APT group exploiting Fortinet vulnerabilities since at least March 2021 and Microsoft Exchange vulnerabilities since at least October 2021.

The threat actors are known to...