Security Affairs

DECEMBER 22, 2020

A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN services. ” The three VPN bulletproof services were hosted at insorg.org , safe-inet.com , and safe-inet.net, their home page currently displays a law enforcement banner. day to $190/year.

VPN 113

VPN Cybercrime Advertising Accountability 113

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60 patch 0).

Firewall 138

Firewall VPN Firmware Passwords 138

Security Affairs

FEBRUARY 1, 2024

CISA also warned to continue to audit privilege-level access accounts. Mandiant researchers recently discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices. 20240126.5.xml”

VPN 98

VPN Authentication Software Malware 98

Security Affairs

NOVEMBER 2, 2022

The threat actors were distributing a VPN app embedding a highly sophisticated spyware. The attackers set up Facebook and Instagram accounts with more than 1,000 followers and designed attractive religious-themed graphic materials in order to trick victims into downloading the tainted VPN app. í religion that are banned in Iran.

Spyware 100

Spyware Malware VPN Accountability 100

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. This method poses a risk of exposing sensitive data or enabling fraudulent activities.

VPN 105

VPN Accountability Firewall Data breaches 105

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. ” reads the post published by Kaspersky.

VPN 93

VPN Ransomware Antivirus Firmware 93

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 111

VPN Hacking Authentication Government 111

SecureList

MAY 28, 2024

But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. Most often, communication between the service provider and the client takes place via VPN connections and Remote Desktop Protocol (RDP) services.

VPN 75

VPN Accountability Passwords Antivirus 75

Security Affairs

MAY 30, 2024

Since 2011, Wang and his co-conspirators had been distributing malware through malicious VPN applications, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN. The FBI has published information at fbi.gov/911S5 to help identify and remove 911 S5’s VPN applications from your devices or machines.

VPN 86

VPN Cryptocurrency Malware Software 86

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 290

Malware Software Technology Accountability 290

Security Affairs

SEPTEMBER 8, 2023

An unauthenticated, remote attacker can exploit the vulnerability to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. ” reads the advisory published by the IT giant. or earlier).

Ransomware 132

Ransomware VPN Authentication Hacking 132

Security Affairs

DECEMBER 6, 2021

Russia-linked Nobelium APT group is using a new custom malware dubbed Ceeloader in attacks against organizations worldwide. NOBELIUM cyberspies leveraged compromised privileged accounts and used SMB, remote WMI, remote scheduled tasks registration, and PowerShell to execute commands within the target environments. Pierluigi Paganini.

Malware 101

Malware VPN Telecommunications Accountability 101

Security Affairs

JULY 21, 2020

vpnMentor experts reported that seven Virtual Private Network (VPN) recently left 1.2 Security experts from vpnMentor have discovered a group of seven free VPN (virtual private network) apps that left their server unsecured online exposing private user data for anyone to see. . The server was secured on July 15 th.

VPN 81

VPN Advertising Passwords Internet 81

Security Affairs

FEBRUARY 12, 2024

Public Wi-Fi users are prime targets for MITM attacks because the information they send is often not encrypted, meaning it’s easy for hackers to access your data. They might even lock you out of your own accounts by resetting your passwords. Once they’re in, they can grab your emails, usernames, passwords, and more.

DNS 119

DNS VPN Encryption Passwords 119

Security Affairs

JANUARY 19, 2021

The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. ” Once gained access to the network, crooks expand their network access, for example, escalating privileges of the compromised employees’ accounts. Pierluigi Paganini.

Accountability 97

Accountability VPN Social Engineering Phishing 97

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 316

Cybercrime VPN Malware Penetration Testing 316

Security Affairs

SEPTEMBER 16, 2022

Threat actors target gamers looking for cheats on YouTube with the RedLine Stealer information-stealing malware and crypto miners. The malicious code can also act as first-stage malware. “Cybercriminals actively hunt for gaming accounts and gaming computer resources. ” reads the report published by Kaspersky.

Malware 84

Malware Cryptocurrency Hacking Passwords 84

Security Affairs

APRIL 26, 2023

On March 7, 2023, the researchers found a Linux variant of the PingPull that was uploaded to VirusTotal, it had a very low detection rate (3 out of 62) “Despite a largely benign verdict, additional analysis has determined that this sample is a Linux variant of PingPull malware. ” reads the analysis published by Unit 42.

Malware 93

Malware Telecommunications Government VPN 93

Security Affairs

JANUARY 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN 103

VPN Cybercrime Ransomware Hacking 103

Security Affairs

FEBRUARY 10, 2023

A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter. The malware is able to take JPG screenshots of the victim’s desktop and submitting it to a remote C2 via a POST to a hardcoded IP address.

Malware 81

Malware Phishing Spyware Cybercrime 81

Security Affairs

NOVEMBER 14, 2022

. “The investigation found that the initial compromise occurred as a result of downloading and running a file that mimicked the “Advanced IP Scanner” software, but actually contained the Vidar malware.” CERT-UA also reported that the Somnia malware is evolving. ” concludes the report. Pierluigi Paganini.

Ransomware 79

Ransomware Computers and Electronics VPN Malware 79

Security Affairs

FEBRUARY 4, 2024

Clorox estimates the costs of the August cyberattack will exceed $49 Million Mastodon fixed a flaw that can allow the takeover of any account Iranian hackers breached Albania’s Institute of Statistics (INSTAT) Operation Synergia led to the arrest of 31 individuals Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison Cloudflare breached (..)

Identity Theft 102

Identity Theft VPN Malware Ransomware 102

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide. In some attacks, threat actors created an administrative account named itadm.

Ransomware 101

Ransomware Encryption Antivirus VPN 101

Security Affairs

AUGUST 25, 2023

The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with minimal use of malware. Microsoft has not observed The group has been active since mid-2021, it focuses on government agencies and education, critical manufacturing, and information technology organizations in Taiwan.

VPN 79

VPN Manufacturing Education Hacking 79

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 118

Spyware Manufacturing Small Business Surveillance 118

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 97

Data breaches Small Business Hacking Malware 97

Security Affairs

SEPTEMBER 25, 2020

Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and threat actors exfiltrated data. Threat actors implanted a malware in the network of an unnamed federal agency that was able to avoid detection. ” reads the analysis report published by CISA.

VPN 92

VPN Malware Cyber threats Accountability 92

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams 252

Scams DDOS Cryptocurrency Accountability 252

Security Affairs

JULY 27, 2023

DepositFiles’ clients are at risk of their personally identifiable information, files, and passwords being stolen. Attackers could also target the company with malware, ransomware, unauthorized access to business payment systems, etc.,” These emails could be infected by malware or ransomware,” researchers said. researchers said.

Data breaches 87

Data breaches VPN Media Passwords 87

Security Affairs

NOVEMBER 17, 2021

One of the campaigns monitored by the experts and conducted by PHOSPHORUS APT group leveraged known vulnerabilities in Fortinet FortiOS SSL VPN and Microsoft Exchange Servers to deploy ransomware on vulnerable networks. . The CURIUM group leverage a network of fake social media accounts to trick the victims into installing malware.

VPN 100

VPN Social Engineering Accountability Media 100

Security Affairs

AUGUST 10, 2022

The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Talos revealed that threat actors compromised a Cisco employee’s credentials after they gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized. ” continues the analysis.

Ransomware 122

Ransomware Hacking VPN Phishing 122

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 101

DDOS VPN Data breaches Cybercrime 101

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. ” reads the alert published by Ukraine’s CERT.

Malware 91

Malware Phishing VPN Accountability 91

Security Affairs

OCTOBER 22, 2022

The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server. In another compromise, the group leveraged on compromised credentials to access a legacy VPN server.

Ransomware 67

Ransomware VPN Cybercrime Accountability 67

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 89

Spyware Surveillance Identity Theft DDOS 89

Security Affairs

MARCH 22, 2021

of computers in the ICS engineering and integration sector protected by Kaspersky were targeted by malware, an increase compared with detections for H1 2020 (31.5%). Latin America, the Middle East, Asia and North America were the regions with the highest number infections attempts blocked by the security solutions in H2 2020.

Engineering 128

Engineering VPN Accountability Software 128

SecureList

DECEMBER 12, 2023

” In the course of this research, we found out that the prevalent posts revolved around the sale of compromised accounts, internal databases, and documents, along with access to corporate infrastructures. Sometimes these are just small databases containing unverified information, which can even be generated.

Data breaches 86

Data breaches Accountability Telecommunications Malware 86