Security Affairs

JANUARY 21, 2023

Researchers warn of about 19,500 end-of-life Cisco VPN routers on the Internet that are exposed to the recently disclosed RCE exploit chain. The IT giant announced that these devices will receive no security updates to address the bug because they have reached end of life (EoL). reads the advisory published by the company.

Hacking 97

Hacking Small Business VPN Internet 97

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 86

Firewall VPN Firmware Internet 86

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources. ” concludes the report.

Malware 103

Malware DNS Authentication Telecommunications 103

Security Affairs

OCTOBER 17, 2023

Sandworm were observed targeting open ports and unprotected RDP or SSH interfaces to gain access to the internet-facing systems. ’ The CERT-UA also reported that the state-sponsored hackers used compromised VPN accounts that weren’t protected by multi-factor authentication. “Note (!) .’ “Note (!)

Telecommunications 107

Telecommunications Authentication Data collection Passwords 107

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 109

VPN Cybercrime Ransomware Hacking 109

Security Affairs

DECEMBER 29, 2022

CVE-2022-27510 flaw is an authentication bypass using an alternate path or channel. The vendor pointed out that only appliances that are operating as a Gateway (appliances using the SSL VPN functionality or deployed as an ICA proxy with authentication enabled) are impacted. . version that’s not impacted by the two flaws.

VPN 96

VPN Internet Internet Authentication 96

Security Affairs

JANUARY 17, 2024

The vulnerability CVE-2023-6548 is an authenticated (low privileged) remote code execution affecting Management Interface. The vendor recommends that customers do not expose the management interface to the internet, as explained in the secure deployment guide. ” reads the advisory. and later releases of 13.1

VPN 109

VPN Software Authentication Internet 109

Security Affairs

DECEMBER 3, 2023

Zyxel addressed tens of vulnerabilities that expose users to cyber attacks, including command injection and authentication bypass. CVE-2023-5960 – An improper privilege management vulnerability in the hotspot feature of some firewall versions could allow an authenticated local attacker to access the system files on an affected device.

Firewall 106

Firewall Authentication VPN Cyber Attacks 106

Security Affairs

AUGUST 3, 2023

” Government experts warn that in 2022, most of the exploited flaws were older software vulnerabilities and that threat actors targeted unpatched, internet-facing systems. According to the advisory, threat actors generally have the most success exploiting known vulnerabilities within the first two years of public disclosure.

Authentication 85

Authentication VPN Hacking Internet 85

Security Affairs

JANUARY 18, 2024

Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP. The vulnerability CVE-2023-6548 is an authenticated (low privileged) remote code execution affecting Management Interface.

Authentication 117

Authentication VPN Software Engineering 117

Security Affairs

MAY 24, 2024

Introduction to TLS and Certificate Transparency Log Securing Internet communications is crucial for maintaining the confidentiality and integrity of information in transit. 509 [2] certificates) and encrypted, authenticated connections (TLS [3] and its precursor, SSL [4] ).

DNS 115

DNS Manufacturing Firewall Internet 115

Security Affairs

APRIL 19, 2022

UPnP is an insecure protocol, it uses network UDP multicasts, and doesn’t support encryption and authentication. ” The vendor also recommends enabling the VPN server function on the user router to access QNAP NAS from the Internet. Only use encrypted HTTPS or other types of secure connections (SSH, etc.).

VPN 103

VPN Internet Internet Firewall 103

eSecurity Planet

AUGUST 22, 2023

The technologies for secure remote access can range from VPNs and multi-factor authentication to more advanced access and zero trust controls. We’ll cover a range of best practices for remote access security, from the simple and the practical to the more advanced.

Passwords 97

Passwords Authentication Encryption VPN 97

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Social Engineering 119

Social Engineering VPN Phishing Authentication 119

Security Affairs

AUGUST 29, 2021

. “Multiple vulnerabilities allow remote attackers to conduct denial-of-service attack or possibly execute arbitrary code via a susceptible version of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), VPN Plus Server or VPN Server.” ” reads the advisory published by the company.

VPN 121

VPN Encryption Authentication Hacking 121

Security Affairs

AUGUST 17, 2021

An authenticated attacker could execute arbitrary commands as the root user on the underlying system via the SAML server configuration page. Experts pointed out that the flaw could be chained with an authentication bypass flaw that could allow an attacker. The vulnerability impacts Fortinet FortiWeb versions 6.3.11

Authentication 99

Authentication VPN Internet Internet 99

Security Affairs

MARCH 21, 2023

The hackers were also able to turn off the two-factor authentication (2FA). On March 17-18th, 2023, GENERAL BYTES experienced a security incident. “Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN. ” continues the notice.

Cryptocurrency 82

Cryptocurrency VPN Manufacturing Firewall 82

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications 97

Telecommunications Authentication Passwords Accountability 97

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 85

VPN Firewall Firmware Authentication 85

Security Affairs

APRIL 30, 2021

These are essential elements of implementing a Zero Trust strategy for IoT/OT. • Reduce the attack surface by eliminating unnecessary internet connections to OT control systems and implementing VPN access with multi-factor authentication (MFA) when remote access is required.

IoT 107

IoT VPN Firewall Risk 107

Security Affairs

APRIL 8, 2022

Authentication. Two-factor authentication is another important security measure for the cloud era. Increasingly, passwordless authentication is becoming the norm. Not all providers are created equal, and it’s important to do your research to find one that will meet your specific needs and security requirements.

Cybersecurity 102

Cybersecurity Passwords Penetration Testing Encryption 102

Security Affairs

OCTOBER 22, 2022

The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server. In another compromise, the group leveraged on compromised credentials to access a legacy VPN server.

Ransomware 71

Ransomware VPN Cybercrime Accountability 71

Security Affairs

MAY 9, 2022

The Jester stealer is able to steal credentials and authentication tokens from Internet browsers, MAIL/FTP / VPN clients, cryptocurrency wallets, password managers, messengers, game programs, and more.

Password Management 86

Password Management VPN Cryptocurrency Government 86

Security Affairs

OCTOBER 10, 2019

A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. MR-5 and earlier was recently discovered and responsibly disclosed to Sophos by an external security researcher.” ” reads the advisory published by Sophos.

Firewall 82

Firewall VPN Passwords Internet 82

Security Affairs

SEPTEMBER 3, 2021

. “Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Use multifactor authentication with strong pass phrases where possible.

Ransomware 99

Ransomware Passwords Backups Firmware 99

Security Affairs

MAY 25, 2023

In order to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. Volt Typhoon targets internet-facing Fortinet FortiGuard devices to achieve initial access to targeted organizations. ” continues the report.

Accountability 78

Accountability VPN Manufacturing Firewall 78

Security Affairs

JANUARY 19, 2021

The threat actors are using Voice over Internet Protocol (VoIP) platforms to obtain employees’ credentials. The alert reports the case of an attack in which cyber criminals found an employee via the company’s chatroom, and tricked him into logging into the fake VPN page. ” reads the FBI alert.

Accountability 103

Accountability VPN Social Engineering Phishing 103

Malwarebytes

SEPTEMBER 3, 2021

.” Internet of Things. Agriculture may not be the first industry you associate with cybersecurity problems, but we all need to aware of the risks created by connecting this ancient part of our food supply chain to the Internet. The state of IoT is poor enough as it is, security wise. Consider installing and using a VPN.

Ransomware 136

Ransomware Manufacturing Passwords Internet 136

Security Affairs

JUNE 19, 2020

The CVE-2020-4529 could allow an authenticated attacker to send unauthorized requests from a system, potentially leading to other attacks, such as network enumeration, “IBM Maximo Asset Management is vulnerable to server side request forgery (SSRF). ” reads the security advisory. .

VPN 96

VPN Advertising Authentication Passwords 96

Security Affairs

JULY 8, 2021

Critical) Update available CVE-2020-7387 CWE-200 : Exposure of Sensitive Information to an Unauthorized Actor in AdxAdmin 5.3 Medium) Update available CVE-2020-7389 CWE-306 Missing Authentication for Critical Function in Developer Environment in Syracuse 5.5 CVE-2020-7390 CWE-79 : Persistent Cross-Site Scripting (XSS) in Syracuse 4.6

Hacking 108

Hacking Authentication VPN Software 108

The Last Watchdog

MARCH 6, 2020

For many Chief Information Security Officers, having the CEO’s ear, at the moment, is proving to be a double-edged sword, Pollard told me. “We As part of the rush to leverage the Internet cloud to transact with remote workers, third-partner suppliers and customers, companies opened up endless fresh attack vectors.

CISO 185

CISO VPN Digital transformation Internet 185

Security Affairs

MARCH 16, 2022

As Duo’s default configuration settings allow for the re-enrollment of a new device for dormant accounts, the actors were able to enroll a new device for this account, complete the authentication requirements, and obtain access to the victim network.” ” reads the joint advisory. ” continues the analysis.

Accountability 94

Accountability Passwords Authentication Firmware 94

Security Affairs

OCTOBER 1, 2020

.” The US CISA agency also published a security advisory to warn of risks associated with the successful exploitation of the flaws in the B&R Automation systems. Also recognize that VPN is only as secure as the connected devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising 110

Advertising Authentication VPN Firewall 110

Security Affairs

APRIL 3, 2022

Sophos Firewall affected by a critical authentication bypass flaw Mar 20- Mar 26 Ukraine – Russia the silent cyber conflict Security Affairs newsletter Round 358 by Pierluigi Paganini Western Digital addressed a critical bug in My Cloud OS 5 CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog. And how to prevent it?

Firewall 81

Firewall Hacking DDOS VPN 81

Security Affairs

DECEMBER 8, 2019

Europol seized 30,506 Internet domain names for IP Infringement. A flaw in Microsoft OAuth authentication could lead Azure account takeover. CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems. OpenBSD addresses authentication bypass, privilege escalation issues. The evolutions of APT28 attacks.

Advertising 54

Advertising DDOS VPN Authentication 54

Security Affairs

APRIL 21, 2020

The increasing number of news articles circulating on the internet in the wake of COVID-19 has resulted in the rise of Phishing attacks which feed on people’s fears. Authentic emails from verified sources would not require this. Trusted Resources for Collecting Information about COVID-19. About the author Rohail Abrahani.

Scams 101

Scams Phishing Artificial Intelligence VPN 101

Security Affairs

MAY 7, 2021

Such lapses in database security can (and often do) lead to hundreds of millions of people having their personal information exposed on the internet, allowing threat actors to use that data for a variety of malicious purposes, including phishing and other types of social engineering attacks , as well as identity theft.

Passwords 131

Passwords Authentication Identity Theft Engineering 131