Today’s 12 newsworthy articles include: Fortinet VPN MitM flaw, Cisco issues critical IOS XR patches, FinSpy evolves to Linux & MacOS, Ransomware dwell time is a key IOC, MS Exchange servers still vulnerable after 8 months, and Anthem pays $40 million to settle data breach probe.

• Fortinet VPN Flaw Exposes 200K Businesses To MiTM Attacks
• Attacker Dwell Time: Ransomware’s Most Important Metric
• Chinese APT Group Targets Media, Finance, and Electronics Sectors
• Cloud Misconfiguration Mishaps Businesses Must Watch
• Cisco Issues Patches For 2 High-Severity IOS XR Flaws Under Active Attacks
• GitHub Tool Spots Security Vulnerabilities in Code
• Critical Flaws Discovered in Popular Industrial Remote Access Systems
• Linux and macOS Versions of Commercial ‘Malware’ FinSpy Found Online by Amnesty International
• OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks
• Microsoft Exchange Servers Still Open to Actively Exploited Flaw
• Cybersecurity Today: The Intersection of Technology and Behavior
• Anthem To Pay Nearly $40 Million To Settle Data Breach Probe