2015, Information Security, Internet and VPN

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Security Affairs

OCTOBER 16, 2020

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN

VPN Firewall Advertising Internet

Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran

Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. The cyber spies are stealing sensitive information from the victims since at least 2015, they targeted the two platforms because of their popularity in Iran.

VPN

VPN Internet Internet Software

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Security Affairs

APRIL 6, 2020

DarkHotel nation-state actor is exploiting a VPN zero -day to breach Chinese government agencies in Beijing and Shanghai. Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai. ” continues the researchers.

VPN

VPN Government Advertising Firmware

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

Security Affairs

JANUARY 17, 2020

Chinese authorities continue operations against unauthorized VPN services that are very popular in the country. China continues to intensify the monitoring of the cyberspace applying and persecution of VPN services that could be used to bypass its censorship system known as the Great Firewall. Pierluigi Paganini.

VPN

VPN Firewall Advertising Media

The Russian Government blocked ProtonMail and ProtonVPN

Security Affairs

FEBRUARY 2, 2020

The p opular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service. ” continues the Russian Watchdog. Pierluigi Paganini.

Government

Government VPN Telecommunications Advertising

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

Security Affairs

MAY 30, 2019

Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt. The study also revealed that two of those VPN products are under its other developer name, Lemon Clove, and another two by Autumn Breeze 2018. Innovative Connecting VPNs products.

VPN

VPN Small Business Mobile Advertising

REVil ransomware infected 18,000 computers at Telecom Argentina

Security Affairs

JULY 20, 2020

Telecom Argentina , one of the largest internet service providers in Argentina, was hit by a ransomware attack. Immediately after the attack was detected by the internal IT staff, the company warned its employees of not connecting its internal VPN network and avoiding opening emails with suspicious archive attachments. million ransom.

Ransomware

Ransomware VPN Advertising Internet

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP or Internet Protocol address is your digital identity on the internet. It may be used to download unauthorized stuff or may be used for uploading disputed content on the internet. VPN or Virtual Private Network is the most secure way of connecting with the online world. Secure Your Router.

Hacking

Hacking VPN Internet Internet

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Security Affairs

FEBRUARY 17, 2020

Since early February, the Russian government has blocked other encrypted email and VPN services in Russia, including ProtonMail and ProtonVPN VPN service. The Russian government asks all Internet service providers and VPN providers operating in the country to provide information about their users.

Encryption

Encryption VPN Government Internet

CISA says federal agency compromised by malicious cyber actor

Security Affairs

SEPTEMBER 25, 2020

The threat actors initially leveraged compromised credentials for Microsoft Office 365 (O365) accounts, domain administrator accounts, and credentials for the agency’s Pulse Secure VPN server. “First the threat actor logged into a user’s O365 account from Internet Protocol (IP) address 91.219.236[.]166

VPN

VPN Malware Cyber threats Accountability

Sophos fixed a critical vulnerability in Cyberoam firewalls

Security Affairs

OCTOBER 10, 2019

. “The vulnerability can be potentially exploited by sending a malicious request to either the Web Admin or SSL VPN consoles, which would enable an unauthenticated remote attacker to execute arbitrary commands.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. said the spokesperson.

Firewall

Firewall VPN Passwords Internet

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Social Engineering

Social Engineering VPN Phishing Authentication

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking VPN Advertising Financial Services

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Security Affairs

APRIL 8, 2020

The memo invited NASA personnel to use VPN and regularly visit a dedicated website that provides information related to working during the COVID-19 outbreak. Below the list of suggestions included in the agency’s memo: Use the NASA VPN, prior to beginning to work. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Computers and Electronics VPN Phishing

Security Affairs newsletter Round 283

Security Affairs

SEPTEMBER 27, 2020

fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Banking Advertising Ransomware

Security Affairs newsletter Round 269

Security Affairs

JUNE 21, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. authorities sanction six Nigerian nationals for BEC and Romance Fraud. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

DDOS

DDOS Spyware Mobile Advertising

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

Nikulin first breached LinkedIn between March 3 and March 4, 2012, the hacker first infected an employee’s laptop with malware then used employee’s VPN to access the LinkedIn’s internal network. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the post published ZDNet.

Hacking

Hacking Cybercrime Data breaches Advertising

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Security Affairs

JUNE 19, 2020

So if our ‘warehouse worker’ or equivalent connects through a properly configured VPN, that person’s access within the corporate network is restricted to what they need— from that particular system and email, for example. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Advertising Authentication Passwords

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

According to Cyberintelligence firm Bad Packets , hackers allegedly exploited the CVE-2019-19781 vulnerability in the Citrix Netscaler ADC VPN gateway exposed by Indiabulls. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Ransomware Banking Mobile

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The nation-state hackers are scanning the entire internet, in search of vulnerable webmail and Microsoft Exchange Autodiscover servers that expose TCP ports 445 and 1433. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues the report. ” concludes the report.

Phishing

Phishing Accountability Advertising DNS

The Dangers of Using Unsecured Wi-Fi Networks

Security Affairs

AUGUST 22, 2019

The answer is a virtual private network (VPN) which creates a private tunnel between your device and the internet and encrypts your data. BullGuard VPN for instance uses military grade encryption which would take more than a lifetime to crack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Encryption Passwords Small Business

Flaws in leading industrial remote access systems allow disruption of operations

Security Affairs

OCTOBER 1, 2020

CISA also published a security advisory for these vulnerabilities, the US agency provided the following recommendations to the users: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet. Also recognize that VPN is only as secure as the connected devices.

Advertising

Advertising Authentication VPN Firewall

Security Affairs newsletter Round 243

Security Affairs

DECEMBER 8, 2019

Europol seized 30,506 Internet domain names for IP Infringement. CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Google warned 12K+ users targeted by state-sponsored hackers. Twitter account of Huawei Mobile Brazil hacked.

Advertising

Advertising DDOS VPN Authentication

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

Security Affairs

APRIL 28, 2020

After reviewing the attack logs of the Denial of Service, Qurium could quickly determine that the attacker was using Fineproxy VPN service to build a botnet to flood the website. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. According to Article 13.3 Article requested to be removed. Pierluigi Paganini.

DDOS

DDOS Media VPN Advertising

How to Protect Against COVID-19 Email Scams

Security Affairs

APRIL 21, 2020

The increasing number of news articles circulating on the internet in the wake of COVID-19 has resulted in the rise of Phishing attacks which feed on people’s fears. Use a VPN: You should use a cheap VPN to deceive hackers as they will not be able to trace your email address. Twitter Handle: [link].

Scams

Scams Phishing Artificial Intelligence VPN

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Security Affairs

SEPTEMBER 10, 2020

Equinix, one of the world’s largest providers of colocation data centers and Internet connection announced it was hit by Netwalker Ransomware. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware VPN Data breaches Advertising

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

JULY 29, 2020

” The botnet is scanning the Internet for misconfigured Docker API endpoints, Experts noticed that the Ngrok malware has already infected many vulnerable servers. ” If you run Docker instances, you have to avoid to expose docker APIs online if possible or limit the access to trusted users from a trusted network or VPN.

Cryptocurrency

Cryptocurrency Malware Advertising VPN

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. A hacker managed to identify a weak spot in a security camera model. Unfortunately, at that moment, there were over 300,000 of those cameras connected to the internet.

IoT

IoT Cybersecurity Manufacturing Internet

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Security Affairs

OCTOBER 7, 2020

Never use them without proper security measures such as using a VPN. A VPN removes all traces leading back to your original IP address and encrypts your connection to allow safe and private browsing. Software updates often come with releases that patch bugs and security vulnerabilities upon discovery. Avoid Public WI-Fi.

Data privacy

Data privacy Computers and Electronics Government VPN

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

How to secure it. Administrators can follow the Container Journal’s advice by configuring their API servers to allow cluster API access only via the internal network or a corporate VPN. Once they’ve implemented that security measure, they can use RBAC authorization to further limit who has access to the cluster.

Advertising

Advertising Internet Internet VPN

Russia’s watchdog Roskomnadzor threatens to fine Twitter and Facebook

Security Affairs

FEBRUARY 2, 2020

This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service. The Russian government asks all Internet service providers and VPN providers operating in the country to provide information about their users. Pierluigi Paganini. SecurityAffairs –.

Telecommunications

Telecommunications VPN Advertising Government

GALLIUM Threat Group targets global telcos, Microsoft warns

Security Affairs

DECEMBER 12, 2019

“To compromise targeted networks, GALLIUM target unpatched internet-facing services using publicly available exploits and have been known to target vulnerabilities in WildFly/JBoss.” The researchers also observed the GALLIUM threat actors employing SoftEther VPN software to access the target network and maintain persistence.

Telecommunications

Telecommunications DNS Malware Advertising

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

VPN

VPN Government Authentication Advertising

Hackers patch Citrix servers to deploy their own backdoor

Security Affairs

JANUARY 19, 2020

Below a web server access log entry reporting the exploitation attemp: 127.0.0.2 – – [12/Jan/2020:21:55:19 -0500] “POST /vpn/./vpns/portal/scripts/newbm.pl vpns/portal/scripts/newbm.pl Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising VPN Internet

7 VPN services left data of millions of users exposed online

Security Affairs

JULY 21, 2020

vpnMentor experts reported that seven Virtual Private Network (VPN) recently left 1.2 Security experts from vpnMentor have discovered a group of seven free VPN (virtual private network) apps that left their server unsecured online exposing private user data for anyone to see. . The server was secured on July 15 th.

VPN

VPN Advertising Passwords Internet

Security Affairs newsletter Round 233

Security Affairs

SEPTEMBER 29, 2019

Privilege Escalation flaw found in Forcepoint VPN Client for Windows. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Portugues hacker faces hundreds of Charges in Football Leaks case. Portuguese hacker faces hundreds of Charges in Football Leaks case. Pierluigi Paganini. SecurityAffairs – newsletter).

Data breaches

Data breaches Advertising Malware VPN

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet. Also recognize that VPN is only as secure as the connected devices.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Backups

Backups Authentication Advertising Firmware

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

Maryland was one of the very first states to recognize the importance of information security, not only as a critical issue for the nation, but also as a strategic industry for the state,” said Governor Larry Hogan. cybersecurity job openings – 350,000 to be exact – is up from 209,000 in 2015. The current number of U.S.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

IoT and Cybersecurity: What’s the Future?

Security Affairs

MAY 2, 2022

They continuously send and receive data via the internet and can be the easiest way for a hacker to access your home network. In March 2021, hackers gained access to a security company’s surveillance cameras and live-streamed those video feeds from hospitals, jails, schools, police stations, gyms, and even Tesla.

IoT

IoT Cybersecurity VPN Internet

Using Public Wi-Fi? Your data can be hacked easily! Here’s How…

Security Affairs

MAY 29, 2019

Wi-Fi are now installed in each and every place regardless of the size of the place; from international airports to small kiosks, you can find an internet connection everywhere. Staying safe on the internet is not an easy task and this task becomes more challenging while you are using public Wi-Fi. Opt for VPN. Browse Safely.

Hacking

Hacking VPN Passwords Internet

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

Another successful strategy for preventing phishing is to secure your device using anti-malware, antivirus, VPN and other security softwares. You can further secure your connection by using a VPN. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Phishing

Phishing Accountability Authentication Passwords

Black Hat USA 2023 NOC: Network Assurance

Cisco Security

AUGUST 28, 2023

This allows us to capture telemetry from the edge devices’ egress interface giving us insights into traffic from the external internet, inbound to the Blackhat network. An example of this was noticed with an Urban VPN (Virtual Private Network) provider which appears to grab configuration files in clear text with basic authentication.

Wireless

Wireless DNS Mobile Technology

The Hacker Mind Podcast: Shall We Play A Game?

ForAllSecure

JANUARY 27, 2021

So I originally had kind of participated in cyber stakes, way back in 2015. I found cyber stakes back in 2015 was at the service Academy at the Coast Guard for me, and the military cares a little bit more about like the security of stuff like sure it's cool, you can make this. Is that going to be public on the internet.

Computers and Electronics

Computers and Electronics InfoSec Hacking Education

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran

Trending Sources

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

The Russian Government blocked ProtonMail and ProtonVPN

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

REVil ransomware infected 18,000 computers at Telecom Argentina

5 Ways to Protect Yourself from IP Address Hacking

Russian govn blocked Tutanota service in Russia to stop encrypted communication

CISA says federal agency compromised by malicious cyber actor

Sophos fixed a critical vulnerability in Cyberoam firewalls

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Iran-linked APT group Pioneer Kitten sells access to hacked networks

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Security Affairs newsletter Round 283

Security Affairs newsletter Round 269

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Russia-linked APT28 has been scanning vulnerable email servers in the last year

The Dangers of Using Unsecured Wi-Fi Networks

Flaws in leading industrial remote access systems allow disruption of operations

Security Affairs newsletter Round 243

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

How to Protect Against COVID-19 Email Scams

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Doki, an undetectable Linux backdoor targets Docker Servers

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Russia’s watchdog Roskomnadzor threatens to fine Twitter and Facebook

GALLIUM Threat Group targets global telcos, Microsoft warns

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Hackers patch Citrix servers to deploy their own backdoor

7 VPN services left data of millions of users exposed online

Security Affairs newsletter Round 233

CISA warns of critical flaws in Prima FlexAir access control system

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

IoT and Cybersecurity: What’s the Future?

Using Public Wi-Fi? Your data can be hacked easily! Here’s How…

5 Common Phishing Attacks and How to Avoid Them?

Black Hat USA 2023 NOC: Network Assurance

The Hacker Mind Podcast: Shall We Play A Game?

Stay Connected