2019, Hacking and VPN - Cyber Security Informer

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

VPN

VPN Government Hacking Accountability

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. The statement reveals that one of the two hacking groups was a China-linked cyber espionage group. ” reads the report published by FireEye. ” continues the report.

VPN

VPN Hacking Authentication Government

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510

Security Affairs

AUGUST 25, 2019

BadPackets experts observed on August 22 a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.

VPN

VPN Advertising Hacking Government

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN

VPN Passwords Banking Advertising

CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploited

Security Affairs

JANUARY 10, 2020

The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The CVE-2019-11510 flaw in Pulse Connect Secure is a critical arbitrary file read vulnerability. Now CISA agency confirmed that threat actors continue to exploit the CVE-2019-11510 flaw.

VPN

VPN InfoSec Advertising Cybersecurity

North Korean cyber attacks income and free VPN data breach

CyberSecurity Insiders

JUNE 6, 2023

In 2019, the United Nations released an estimate confirming that the North Korean regime, led by Kim Jong Un, had accumulated a staggering $2 billion by launching hacks on cryptocurrency firms and internationally recognized banks. These cyber attacks have proven to be a lucrative source of income for the reclusive nation.

Data breaches

Data breaches VPN Cyber Attacks Cryptocurrency

21 million free VPN users’ data exposed

Malwarebytes

MARCH 3, 2021

Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. So this is a mess, and a timely reminder of why trust in a VPN provider is so crucial. Past VPN errors.

VPN

VPN Passwords Internet Internet

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. But in a letter sent to affected individuals dated Feb. 13, 2018 and Mar.

VPN

VPN Passwords Software Telecommunications

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Security Affairs

DECEMBER 5, 2019

Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel. The experts explained that in this way, it is possible to hijack active connections within the VPN tunnel. SecurityAffairs – CVE-2019-14899 , hacking). Pierluigi Paganini.

VPN

VPN Encryption Advertising Authentication

Thousands of Hacked Disney+ Accounts now Sold Online

SecureBlitz

APRIL 11, 2024

Social media platforms and online forums are full of lamentations by Disney+ users’ complaints about their hacked Disney accounts. The highly anticipated launch of Disney+ in November 2019 wasn't without its hiccups.

Accountability

Accountability Hacking Media Cybersecurity

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

CSO Magazine

APRIL 20, 2021

Over the past few months, several cyberespionage groups, including one believed to be tied to the Chinese government, have been breaking into the networks of organizations from the United States and Europe by exploiting vulnerabilities in VPN appliances from zero-trust access provider Pulse Secure. Sign up for CSO newsletters. ].

VPN

VPN CSO Hacking Authentication

Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks

Security Affairs

FEBRUARY 16, 2020

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world. Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. SecurityAffairs – Fox Kitten campaign, VPN ).

VPN

VPN Telecommunications Advertising Hacking

500,000 Fortinet VPN credentials exposed: Turn off, patch, reset passwords

Malwarebytes

SEPTEMBER 9, 2021

A threat actor has leaked a list of almost 500,000 Fortinet VPN credentials, stolen from 87,000 vulnerable FortiGate SSL-VPN devices. The vulnerable SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP requests. The threat actor.

VPN

VPN Passwords Ransomware Internet

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. SecurityAffairs – hacking, Zerologon). The post APT groups chain VPN and Windows Zerologon bugs to attack US government networks appeared first on Security Affairs.

VPN

VPN Government Authentication Advertising

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

Security Affairs

OCTOBER 9, 2019

NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws. Last week, the UK’s National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild.

VPN

VPN Advertising Accountability Healthcare

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. SecurityAffairs – hacking, VPNLab).

VPN

VPN Cybercrime Ransomware Advertising

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN

VPN Ransomware Antivirus Firmware

Attack infrastructure used in Cisco hack linked to Evil Corp affiliate

Security Affairs

SEPTEMBER 2, 2022

Researchers discovered that the infrastructure used in Cisco hack was the same used to target a Workforce Management Solution firm. Researchers from cybersecurity firm eSentire discovered that the attack infrastructure used in recent Cisco hack was also used to attack a top Workforce Management corporation in in April 2022.

Hacking

Hacking VPN Ransomware Authentication

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “In SecurityAffairs – hacking, Pulse Connect Secure). Pierluigi Paganini.

VPN

VPN Government Authentication Cybersecurity

Zerodium is looking for zero-day exploits in ExpressVPN, NordVPN, and Surfshark Windows VPN clients

Security Affairs

OCTOBER 20, 2021

Zerodium is looking to pay for zero-day exploits for vulnerabilities in the Windows clients of three virtual private network (VPN) service providers, ExpressVPN, NordVPN, and Surfshark. Zerodium is searching for information disclosure, IP address leak, or remote code execution in the Windows VPN software of the three service providers.

VPN

VPN Software Mobile Hacking

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

Security Affairs

OCTOBER 6, 2019

The UK’s National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to breach into the target networks. ” reads the alert issued by the NCSC.

VPN

VPN Advertising Healthcare Data breaches

Cisco addressed CVE-2019-1663 RCE flaw in wireless routers

Security Affairs

MARCH 1, 2019

Cisco addressed CVE-2019-1663 critical flaw in several wireless routers that could be exploited by attackers to remotely execute code on the impacted devices. The CVE-2019-1663 flaw received a CVSS score of 9.8, The tech giant fixed the issue in the following releases: RV110W Wireless-N VPN Firewall: 1.2.2.1 Pierluigi Paganini.

Wireless

Wireless VPN Firewall Advertising

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Hacking

Hacking VPN Advertising Financial Services

Dragos Report: Analysis of ICS flaws disclosed in 2019

Security Affairs

FEBRUARY 20, 2020

More than 400 flaws affecting industrial control systems (ICS) were disclosed in 2019, more than 100 were zero-day vulnerabilities. data historians, OPC servers, cross-domain web applications, and VPN services), their exploitation could potentially allow attackers to move from the IT to the OT networks. SecurityAffairs – ICS, hacking).

Advertising

Advertising VPN Engineering Hacking

VPN apps insecurely store session cookies in memory and log files

Security Affairs

APRIL 12, 2019

At least four VPN apps sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC). Virtual private networks (VPNs) are affordable, easy to use, and a vital component in your system. What if these VPNs are vulnerable to attackers? 8.3R6, and 9.0R2.

VPN

VPN Marketing Authentication Small Business

North Korea Hacks South Korea's Atomic Energy Institue

SecureWorld News

JUNE 21, 2021

The South Korean Atomic Energy Research Institute (KAERI) recently confirmed that their internal servers had been breached and they suspect a North Korean hacking group to be the culprit. In this process, the researcher even made a move to cover up the hacking.". South Korea Atomic Energy Research Institute Hacked.

Hacking

Hacking VPN Government Technology

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

CLOP ransomware operators have allegedly hacked IndiaBulls Group , an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group , its primary businesses are housing finance, consumer finance, and wealth management. . Pierluigi Paganini.

Hacking

Hacking Ransomware Banking Mobile

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

Security Affairs

JANUARY 17, 2020

Chinese authorities continue operations against unauthorized VPN services that are very popular in the country. China continues to intensify the monitoring of the cyberspace applying and persecution of VPN services that could be used to bypass its censorship system known as the Great Firewall. Pierluigi Paganini.

VPN

VPN Firewall Advertising Media

Enterprise and cloud environments have been under siege from Russian hackers since 2019

SC Magazine

JULY 1, 2021

warns that Fancy Bear, a hacking group tied to Russia’s Main Intelligence Directorate (GRU), has been conducting a stealthy two-year espionage campaign that targets global enterprise and cloud environments with brute-force attacks. Adam Berry/Getty Images). A joint alert from the U.S.

Passwords

Passwords Authentication Media Hacking

North Korea Hacks South Korea's Atomic Energy Institute

SecureWorld News

JUNE 21, 2021

The South Korean Atomic Energy Research Institute (KAERI) recently confirmed that its internal servers had been breached and they suspect a North Korean hacking group to be the culprit. In this process, the researcher even made a move to cover up the hacking.". South Korea Atomic Energy Research Institute hacked.

Hacking

Hacking VPN Government Technology

Tracking Iran-linked APT33 group via its own VPN networks

Security Affairs

NOVEMBER 14, 2019

“Among active infections in 2019 are two separate locations of a private American company that offers services related to national security, from a university and a college in the U.S., While investigating the attacks, the experts from Trend Micro collected useful information to understand how APT33 manages its hacking infrastructure.

VPN

VPN Malware Advertising Hacking

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

Security Affairs

OCTOBER 22, 2019

NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. . Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. .

VPN

VPN Hacking Advertising Authentication

Privilege Escalation flaw found in Forcepoint VPN Client for Windows

Security Affairs

SEPTEMBER 23, 2019

Security researcher Peleg Hadar of SafeBreach Labs discovered a privilege escalation flaw that impacts all versions of Forcepoint VPN Client for Windows except the latest release. “In our exploration, we found that after the Forcepoint VPN Client Service was started, the sgvpn.exe signed process was executed as NT AUTHORITYSYSTEM.”

VPN

VPN Advertising Hacking Malware

Why Edward Snowden is urging users to stop using ExpressVPN?

Security Affairs

SEPTEMBER 19, 2021

The popular whistleblower Edward Snowden recommends customers of ExpressVPN VPN service to stop using it. Edward Snowden expressed concerns about the VPN service offered by ExpressVPN and has warned users to stop using it. If you're an ExpressVPN customer, you shouldn't be. Why Snowden is worried about ExpressVPN?

Surveillance

Surveillance VPN Hacking Cybersecurity

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN

VPN Computers and Electronics Antivirus Software

FBI 2019 Internet Crime Report: Business email compromise fraud is the costliest attack vector for enterprises

Thales Cloud Protection & Licensing

APRIL 9, 2020

Earlier this year, the FBI released the 2019 Internet Crime Report. With the high amount of cybercriminal activity including hacking attempts and phishing scams, the information in this report is quite timely. Source: FBI 2019 Internet Crime Report. In fact, in 2019 researchers published a report according to which more than 1.5

Internet

Internet Internet Scams Authentication

US takes sweeping action against Russia for years of hacking and election interference

SC Magazine

APRIL 15, 2021

authorities claim assisted Russian intelligence in hacking and election interference schemes. government that Russian agencies were behind the Solar Winds hack last year. That attribution was backed up by Five Eyes intelligence allies , NATO and others in similar announcements today. Jim Hines, D-Conn.,

Hacking

Hacking Government Technology Accountability

The evolution of ransomware in 2019: attackers think bigger, go deeper and grow more advanced

Security Affairs

MAY 27, 2020

Group-IB , a Singapore-based cybersecurity company that specializes in preventing cyberattacks, found out that the year of 2019 was marked by ransomware evolution and was dominated by increasingly aggressive ransomware campaigns, with its operators resorting to more cunning TTPs, reminding those of APT groups to get their victims shell out.

Ransomware

Ransomware Phishing Advertising Encryption

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

The Last Watchdog

NOVEMBER 11, 2020

From a business perspective, managing and resetting passwords chews up scarce resources, and yet even with the best possible maintenance passwords are trivial to hack. This is a type of advanced, brute-force hacking that leverages automation. For most of the Internet era, we’ve learned to live with these tradeoffs. and across Europe.

Authentication

Authentication VPN Passwords Hacking

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Security Affairs

NOVEMBER 22, 2020

A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs. A threat actor, who goes online with the moniker “pumpedkicks,” has leaked online a list of exploits that could be exploited to steal VPN credentials from almost 50,000 Fortinet VPN devices.

VPN

VPN Banking Government Hacking

Hackers are scanning the web for vulnerable Fortinet, Pulse Secure Products installs

Security Affairs

AUGUST 23, 2019

Hackers are exploiting recently disclosed flaws in enterprise virtual private network (VPN) products from Fortinet and Pulse Secure. The popular cybersecurity expert Kevin Beaumont has observed threat actors attempting to exploit the CVE-2018-13379 in the FortiOS SSL VPN web portal and CVE-2019-11510 flaw in Pulse Connect Secure.

VPN

VPN Advertising Firewall Hacking

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

This advisory updates another joint CISA-FBI cybersecurity advisory, which warned of attackers combining VPN and Windows Zerologon flaws to target government networks. Hackers also targeted Exim mail agents ( CVE 2019-10149 ) and Fortinet SSL VPNs ( CVE-2018-13379 ). SecurityAffairs – hacking, Energetic Bear).

Government

Government Hacking Advertising Passwords

CISA published 2021 Top 15 most exploited software vulnerabilities

Security Affairs

APRIL 28, 2022

“Globally, in 2021, malicious cyber actors targeted internet-facing systems, such as email servers and virtual private network (VPN) servers, with exploits of newly disclosed vulnerabilities. SecurityAffairs – hacking, SolarMarker). This advisory also includes other frequently exploited vulnerabilities. Pierluigi Paganini.

Software

Software VPN Cybersecurity Internet

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

Security Affairs

APRIL 24, 2020

Experts from BadPackets pointed out that attackers might have exploited the Pulse Secure VPN CVE-2019-11510 to compromise the company. BadPackets reported that SeaChange had a Pulse Secure VPN server ( [link] ) vulnerable to CVE-2019-11510 from April 24, 2019 until March 24, 2020. Pierluigi Paganini.

Software

Software Ransomware VPN Advertising

APT hacked a US municipal government via an unpatched Fortinet VPN

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Webinars

Trending Sources

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510

Webinars

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploited

North Korean cyber attacks income and free VPN data breach

21 million free VPN users’ data exposed

Hackers Were Inside Citrix for Five Months

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Thousands of Hacked Disney+ Accounts now Sold Online

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks

500,000 Fortinet VPN credentials exposed: Turn off, patch, reset passwords

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Attack infrastructure used in Cisco hack linked to Evil Corp affiliate

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Zerodium is looking for zero-day exploits in ExpressVPN, NordVPN, and Surfshark Windows VPN clients

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

Cisco addressed CVE-2019-1663 RCE flaw in wireless routers

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Dragos Report: Analysis of ICS flaws disclosed in 2019

VPN apps insecurely store session cookies in memory and log files

North Korea Hacks South Korea's Atomic Energy Institue

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

Enterprise and cloud environments have been under siege from Russian hackers since 2019

North Korea Hacks South Korea's Atomic Energy Institute

Tracking Iran-linked APT33 group via its own VPN networks

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

Privilege Escalation flaw found in Forcepoint VPN Client for Windows

Why Edward Snowden is urging users to stop using ExpressVPN?

A Deep Dive Into the Residential Proxy Service ‘911’

FBI 2019 Internet Crime Report: Business email compromise fraud is the costliest attack vector for enterprises

US takes sweeping action against Russia for years of hacking and election interference

The evolution of ransomware in 2019: attackers think bigger, go deeper and grow more advanced

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Hackers are scanning the web for vulnerable Fortinet, Pulse Secure Products installs

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

CISA published 2021 Top 15 most exploited software vulnerabilities

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

Stay Connected