2015, Information Security, Passwords and VPN

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes.

VPN

VPN Hacking IoT Advertising

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory.

VPN

VPN Government Authentication Advertising

7 VPN services left data of millions of users exposed online

Security Affairs

JULY 21, 2020

vpnMentor experts reported that seven Virtual Private Network (VPN) recently left 1.2 Security experts from vpnMentor have discovered a group of seven free VPN (virtual private network) apps that left their server unsecured online exposing private user data for anyone to see. . The server was secured on July 15 th.

VPN

VPN Advertising Passwords Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Experts found new variants of Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. “Agent Tesla is now able to harvest configuration data and credentials from a number of common VPN clients, FTP and Email clients, and Web Browsers.

Passwords

Passwords Spyware VPN Malware

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

Security Affairs

OCTOBER 22, 2019

NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. . Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. .

VPN

VPN Hacking Advertising Authentication

IoT and Cybersecurity: What’s the Future?

Security Affairs

MAY 2, 2022

In March 2021, hackers gained access to a security company’s surveillance cameras and live-streamed those video feeds from hospitals, jails, schools, police stations, gyms, and even Tesla. After the 2015 cyberattack that disabled the power grid in parts of Ukraine, the U.S. Secure Your Network with a VPN.

IoT

IoT Cybersecurity VPN Internet

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

APRIL 2, 2020

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. ” reads the post published by Microsoft.

Ransomware

Ransomware VPN Healthcare Cyber Attacks

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

. “Since the beginning of March, the number of Bruteforce.Generic.RDP attacks has rocketed across almost the entire planet” Attackers attempt to brute-force the username and password used to protect RDP access to systems exposed online, they can use combinations of random characters or leverage dictionary of most popular passwords.

Passwords

Passwords Advertising VPN Authentication

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Install and regularly update anti-virus or anti-malware software on all hosts.

Ransomware

Ransomware VPN Advertising Marketing

US CISA report shares details on web shells used by Iranian hackers

Security Affairs

SEPTEMBER 16, 2020

The Iranian hackers belong to an Iran-based threat actor that was behind attacks exploiting vulnerabilities in Pulse Secure VPN, Citrix Application Delivery Controller (ADC) and Gateway , and F5’s BIG-IP ADC products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

VPN

VPN Passwords Advertising Password Management

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

VPN or Virtual Private Network is the most secure way of connecting with the online world. VPN also provides an encrypted tunnel for all your online activities and closes all doors for spies and cybercriminals. VPN also provides an encrypted tunnel for all your online activities and closes all doors for spies and cybercriminals.

Hacking

Hacking VPN Internet Internet

CISA says federal agency compromised by malicious cyber actor

Security Affairs

SEPTEMBER 25, 2020

The threat actors initially leveraged compromised credentials for Microsoft Office 365 (O365) accounts, domain administrator accounts, and credentials for the agency’s Pulse Secure VPN server. 166 and then browsed pages on a SharePoint site and downloaded a file (Data from Information Repositories: SharePoint [ T1213.002 ]).

VPN

VPN Malware Cyber threats Accountability

Sophos fixed a critical vulnerability in Cyberoam firewalls

Security Affairs

OCTOBER 10, 2019

Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password. MR-5 and earlier was recently discovered and responsibly disclosed to Sophos by an external security researcher.” said the spokesperson. Pierluigi Paganini.

Firewall

Firewall VPN Passwords Internet

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times. Pierluigi Paganini.

Social Engineering

Social Engineering VPN Phishing Authentication

Security Affairs newsletter Round 276

Security Affairs

AUGUST 9, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – cyber security, newsletter). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches Ransomware Advertising VPN

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Security Affairs

APRIL 8, 2020

“Some of their goals include accessing sensitive information, user names and passwords, conducting denial of service attacks, spreading disinformation, and carrying out scams,”. Below the list of suggestions included in the agency’s memo: Use the NASA VPN, prior to beginning to work. ” continues the memo.

Cyber Attacks

Cyber Attacks Computers and Electronics VPN Phishing

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

The website was distributing a file named WSHSetup.exe, it is the downloader for both the CoronaVirus Ransomware and the Kpot password-stealer. exe,’ which is the Kpot password-stealing Trojan. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. One of these files is, ‘file1.exe,’

Ransomware

Ransomware Cryptocurrency Advertising Passwords

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

Nikulin first breached LinkedIn between March 3 and March 4, 2012, the hacker first infected an employee’s laptop with malware then used employee’s VPN to access the LinkedIn’s internal network. The Russian man stole roughly 117 million user records, including usernames, passwords, and emails. Pierluigi Paganini.

Hacking

Hacking Cybercrime Data breaches Advertising

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

The Dangers of Using Unsecured Wi-Fi Networks

Security Affairs

AUGUST 22, 2019

They can see the passwords you use, your email address, your name and physical address, phone numbers and any other type of personal information that you might happen to enter into a website. For instance there are automated tools that look for passwords and write them into a file whenever they see one. Pierluigi Paganini.

VPN

VPN Encryption Passwords Small Business

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Security Affairs

SEPTEMBER 10, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Install and regularly update anti-virus or anti-malware software on all hosts.

Ransomware

Ransomware VPN Data breaches Advertising

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

According to Cyberintelligence firm Bad Packets , hackers allegedly exploited the CVE-2019-19781 vulnerability in the Citrix Netscaler ADC VPN gateway exposed by Indiabulls. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Ransomware Banking Mobile

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Security Affairs

JUNE 19, 2020

So if our ‘warehouse worker’ or equivalent connects through a properly configured VPN, that person’s access within the corporate network is restricted to what they need— from that particular system and email, for example. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Advertising Authentication Passwords

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Security Affairs

OCTOBER 7, 2020

Never use them without proper security measures such as using a VPN. A VPN removes all traces leading back to your original IP address and encrypts your connection to allow safe and private browsing. Software updates often come with releases that patch bugs and security vulnerabilities upon discovery. Avoid Public WI-Fi.

Data privacy

Data privacy Computers and Electronics Government VPN

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs

OCTOBER 1, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Install and regularly update anti-virus or anti-malware software on all hosts.

Ransomware

Ransomware Advertising Engineering VPN

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

In at least one compromise, the APT actor laterally traversed an SLTT victim network and accessed documents related to sensitive network configurations and passwords, standard operating procedures (SOP), IT instructions, such as requesting password resets, vendors and purchasing information. printing access badges.

Government

Government Hacking Advertising Passwords

U.S. Bookstore giant Barnes & Noble hit by cyberattack

Security Affairs

OCTOBER 15, 2020

Information shared about the cyber attacks suggests that the company was the victim of a ransomware attack. In August, the website ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. Pierluigi Paganini. SecurityAffairs – hacking, malware).

Cyber Attacks

Cyber Attacks VPN Backups Ransomware

Op Wocao – China-linked APT20 was able to bypass 2FA

Security Affairs

DECEMBER 23, 2019

In order to move laterally within the target networks, hackers used well-known techniques, such as dumping credentials from memory and accessing password managers on compromised systems. Attackers use stolen VPN credentials to securely connect the target network. Pierluigi Paganini. SecurityAffairs – APT20, hacking).

VPN

VPN Hacking Software Advertising

BusKill, a $20 USB Dead Man’s Switch for Linux Laptop

Security Affairs

JANUARY 4, 2020

“We do what we can to increase our OpSec when using our laptop in public-such as using a good VPN provider, 2FA, and password database auto-fill to prevent network or shoulder-based eavesdropping,” says Altfield. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising VPN Engineering Authentication

Imperva explains how hackers stole AWS API Key and accessed to customer data

Security Affairs

OCTOBER 14, 2019

These included: email addresses hashed and salted passwords “. Laked data included email addresses and hashed and salted passwords for all Cloud WAF customers who registered before 15th September 2017. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the post published by Imperva. “We

Firewall

Firewall Passwords Accountability Data breaches

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

Security researchers Pierre Kim and Alexandre Torres have discovered several vulnerabilities Zyxel Cloud CNM SecuManager software that could expose users to cyber attacks. ” Experts also reported the use of predefined passwords for admin accounts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Accountability

Accountability Advertising Software Authentication

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

People fell prey for these manipulative emails and provide confidential details like passwords and bank information in their negligence. This information is then used for unauthorized and illegal activities, which could have a devastating impact on individuals and organizations. Use Two Factor Authentication. Pierluigi Paganini.

Phishing

Phishing Accountability Authentication Passwords

Using Public Wi-Fi? Your data can be hacked easily! Here’s How…

Security Affairs

MAY 29, 2019

This data may include your personal and secretive details like emails, social media accounts, passwords, bank details, and other crucial stuff. Some of these Wi-Fis are secured with a password while others are just open for all. Password protected public Wi-Fi are a bit safer than the open public Wi-Fi and are better to opt for.

Hacking

Hacking VPN Passwords Internet

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The attackers connects to a dedicated commercially-shared VPN server using OpenVPN and then uses compromised email credentials to send out credential spam via a commercial email service provider. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Phishing

Phishing Accountability Advertising DNS

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

The affiliates used to deliver the threat via brute-forcing attacks on RDP servers or exploiting known vulnerabilities in VPN servers and firewalls. Two of the most common vulnerabilities exploited by actors using Netwalker are Pulse Secure VPN (CVE-2019-11510) and Telerik UI (CVE-2019-18935).” continues the alert.

Ransomware

Ransomware VPN Cybercrime Advertising

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Simple or reused passwords are still a problem. While the cybersecurity industry has presented options for every netizen, the recommendation to use original and complex passwords continues to be disregarded. Instead, people come up with passwords that are comfortable. It can be prevented through the use of an online VPN.

IoT

IoT Cybersecurity Manufacturing Internet

Security Affairs newsletter Round 233

Security Affairs

SEPTEMBER 29, 2019

Privilege Escalation flaw found in Forcepoint VPN Client for Windows. Thinkful forces a password reset for all users after a data breach. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Portugues hacker faces hundreds of Charges in Football Leaks case. Pierluigi Paganini.

Data breaches

Data breaches Advertising Malware VPN

Security Affairs newsletter Round 229 – News of the week

Security Affairs

SEPTEMBER 1, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510. Foxit Software discloses a data breach that exposed user passwords.

eCommerce

eCommerce Data breaches Malware Advertising

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. In 2017, password-protected archives accounted for only 0.08% of all malicious objects. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Antivirus Malware Banking

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

“The flash version of the web interface contains a hard-coded username and password, which may allow an authenticated attacker to escalate privileges.” Also recognize that VPN is only as secure as the connected devices.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Backups

Backups Authentication Advertising Firmware

The evolution of ransomware in 2019: attackers think bigger, go deeper and grow more advanced

Security Affairs

MAY 27, 2020

They include, among others, using VPN whenever accessing servers through RDP, creating complex passwords for the accounts used for access via RDP and changing them regularly, restricting the list of IP addresses that can be used to make external RDP connections, and many others. Pierluigi Paganini.

Ransomware

Ransomware Phishing Advertising Encryption

Phishing: What Everyone in Your Organization Needs to Know

NopSec

FEBRUARY 15, 2017

Attackers can then determine the IP range of their victim’s domains, WHOIS records which sometimes contain information on the technical contacts in the company, or subdomains that may contain the victim’s webmail portal, VPN login page, or a company’s Intranet. It is true that these verticals are heavily targeted.

Phishing

Phishing Social Engineering Engineering Healthcare

Black Hat USA 2023 NOC: Network Assurance

Cisco Security

AUGUST 28, 2023

In some instances, it was possible to observe clear-text LDAP bind attempts which disclosed which organization the device belonged to or direct exposure of the username and password combination through protocols such as POP3, LDAP, HTTP (Hyper Text Transfer Protocol) or FTP. Cleartext passwords and usernames disclosed in traffic.

Wireless

Wireless DNS Mobile Technology

Fortinet VPN with default certificate exposes 200,000 businesses to hack

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Webinars

Trending Sources

7 VPN services left data of millions of users exposed online

Webinars

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

IoT and Cybersecurity: What’s the Future?

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

RDP brute-force attacks rocketed since beginning of COVID-19

Netwalker ransomware operators claim to have stolen data from Forsee Power

US CISA report shares details on web shells used by Iranian hackers

5 Ways to Protect Yourself from IP Address Hacking

CISA says federal agency compromised by malicious cyber actor

Sophos fixed a critical vulnerability in Cyberoam firewalls

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs newsletter Round 276

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

15 billion credentials available in the cybercrime marketplaces

The Dangers of Using Unsecured Wi-Fi Networks

Colocation data centers giant Equinix data hit by Netwalker Ransomware

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Netwalker ransomware operators leaked files stolen from K-Electric

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

U.S. Bookstore giant Barnes & Noble hit by cyberattack

Op Wocao – China-linked APT20 was able to bypass 2FA

BusKill, a $20 USB Dead Man’s Switch for Linux Laptop

Imperva explains how hackers stole AWS API Key and accessed to customer data

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

5 Common Phishing Attacks and How to Avoid Them?

Using Public Wi-Fi? Your data can be hacked easily! Here’s How…

Russia-linked APT28 has been scanning vulnerable email servers in the last year

NetWalker ransomware operators have made $25 million since March 2020

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs newsletter Round 233

Security Affairs newsletter Round 229 – News of the week

Ransomware Revival: Troldesh becomes a leader by the number of attacks

CISA warns of critical flaws in Prima FlexAir access control system

The evolution of ransomware in 2019: attackers think bigger, go deeper and grow more advanced

Phishing: What Everyone in Your Organization Needs to Know

Black Hat USA 2023 NOC: Network Assurance

Stay Connected