2019, Firmware, Hacking and VPN - Cyber Security Informer

2019

Firmware

Hacking

VPN

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN

VPN Passwords Banking Advertising

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN

VPN Ransomware Antivirus Firmware

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware

Firmware Ransomware Passwords Mobile

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

HelloKitty ransomware gang targets vulnerable SonicWall devices

Security Affairs

JULY 18, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”. The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. reads the alert published by the company.

Ransomware

Ransomware Firmware Mobile InfoSec

Hackers target zero-day flaws in enterprise Draytek network devices

Security Affairs

MARCH 28, 2020

Since December 2019, researchers from Qihoo 360 observed two different attack groups that are employing two zero-days exploits to take over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate networks. The attacker is snooping on port 21,25,143,110 (1/2) — 360 Netlab (@360Netlab) December 25, 2019. #0-day

Firmware

Firmware VPN Accountability Advertising

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances. CVE-2019-19781 enabled the actors to execute directory traversal attacks.[ CVE-2019-19781 enabled the actors to execute directory traversal attacks.[

Government

Government VPN Firmware Energy and Utilities

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

includes several new flaws, including: Vulnerability Affected software CVE-2017-17105 Zivif PR115-204-P-RS CVE-2019-10655 Grandstream CVE-2020-25223 WebAdmin of Sophos SG UTM CVE-2021-42013 Apache CVE-2022-31137 Roxy-WI CVE-2022-33891 Apache Spark ZSL-2022-5717 MiniDVBLinux. SecurityAffairs – hacking, botnet). Pierluigi Paganini.

IoT

IoT DDOS Malware Firmware

Cisco fixes flaws RV320 and RV325 routers targeted in attacks

Security Affairs

APRIL 4, 2019

Firmware updates that address this vulnerability are not currently available. The first one could be exploited by a remote and unauthenticated attacker with admin privileges to obtain sensitive information ( CVE-2019-1653 ), while the second one can be exploited for command injection ( CVE-2019-1652 ). through 1.4.2.20.

Small Business

Small Business Firmware Advertising VPN

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. SecurityAffairs – hacking, Fortinet FortiOS).

Passwords

Passwords Government Firmware Accountability

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

Security Affairs

APRIL 25, 2019

The vulnerabilyt was tracked as CVE-2019-10955 and received a CVSS score of 7.1 Rockwell has released firmware updates that address the vulnerability for the affected controllers. VPN is only as secure as the connected devices. SecurityAffairs – Rockwell, hacking). Pierluigi Paganini.

Firmware

Firmware Social Engineering Advertising Malware

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

Security Affairs

JANUARY 3, 2020

One of the flaws is a remote command execution flaw , tracked as CVE-2019-17621, that resides in the code used to manage UPnP requests. The other vulnerability is an information disclosure issue that could be exploited by an attacker to obtain a device’s VPN configuration file, potentially exposing sensitive information.

Advertising

Advertising Firmware VPN Authentication

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The most severe vulnerability, tracked as CVE-2019-7670, is an OS command injection flaw. Another issue, tracked as CVE-2019-7669, is an improper validation of file extensions when uploading files that was rated as CVSS score of 9.1. Another critical issue, tracked as CVE-2019-7672, received a CVSS score of 8.8.

Backups

Backups Authentication Advertising Firmware

Security Affairs newsletter Round 252

Security Affairs

FEBRUARY 23, 2020

Organizers of major hacking conferences in Asia put them on hold due to Coronavirus outbreak. FC Barcelona and the International Olympic Committee Twitter accounts hacked. Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks. Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks.

Artificial Intelligence

Artificial Intelligence eCommerce Firmware Hacking

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

Upon further investigation we also discovered additional implants deployed through both ShadowPad and ShadowShredder, such as Quarian backdoor, PlugX, Poison Ivy and other hack tools. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services.

Malware

Malware Government Surveillance Spyware

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Webinars

Trending Sources

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Webinars

HelloKitty ransomware gang targets vulnerable SonicWall devices

Hackers target zero-day flaws in enterprise Draytek network devices

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

A new Zerobot variant spreads by exploiting Apache flaws

Cisco fixes flaws RV320 and RV325 routers targeted in attacks

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs newsletter Round 252

APT trends report Q3 2021

Stay Connected