The Fog ransomware group is utilizing stolen VPN credentials and system vulnerabilities to access and encrypt data in virtual environments.
Predominantly attacking the US education sector, Fog exploits the common cybersecurity weaknesses during summer vacations. Organizations should continue to educate employees and enforce practices related to secure credential management practices.