Ctrl+Alt+Oops: FortiBleed criminal's logins stitch two gangs together
Summary
Researchers analyzing logs from the FortiBleed vulnerability have uncovered an operational security failure in which at least one individual appears to have worked with both the INC and Lynx ransomware gangs concurrently. This suggests a potential collaboration or overlap between these distinct threat actors.
IFF Assessment
This article details how a single actor may be involved with multiple ransomware groups, indicating increased sophistication and potential for broader attacks.
Defender Context
The discovery of potential collaboration between distinct ransomware gangs like INC and Lynx, made possible by an operational security failure, signals a concerning trend for defenders. Organizations should be vigilant for evolving attack patterns and ensure their incident response plans are equipped to handle coordinated or multi-faceted threats.