eSecurity Planet

MARCH 25, 2022

In November 2021, an unauthorized third party called a Robinhood customer support employee and, through social engineering , gained access to the company’s customer support systems. Partnering with SentinelOne , N-able launched its endpoint detection and response (EDR) and password management solutions in 2019.

VPN 117

VPN Software Authentication Encryption 117

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. Financial departments at high risk.

Ransomware 69

Ransomware Antivirus Malware Banking 69

Malwarebytes

APRIL 30, 2021

In November 2019, the RIPE NCC (the regional Internet registry for Europe, West Asia, and the former USSR) announced that it had exhausted its pool of IPv4 addresses. Anyone who can convince your ISP to give up that information, either by buying it, issuing a subpoena or by social engineering, can learn your address.

VPN 66

VPN Internet Internet Social Engineering 66

Security Affairs

APRIL 25, 2019

The vulnerabilyt was tracked as CVE-2019-10955 and received a CVSS score of 7.1 When remote access is required, use secure methods such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. VPN is only as secure as the connected devices.

Firmware 72

Firmware Social Engineering Advertising Malware 72

Security Affairs

NOVEMBER 25, 2020

In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. Late 2019 and all of 2020 were marked by an unprecedented surge in ransomware attacks. In late 2019, ransomware operators adopted a new technique.

Banking 127

Banking Ransomware Phishing Marketing 127

Security Affairs

MARCH 27, 2023

Such was related to a worldwide malware operation known as NullMixer, a controversial and widespread malware delivery maneuver based on SEO poisoning and social engineering technique to lure tech-savvy users, including IT personnel. The module also exfiltrates 2FA secrets from Twilio’s Authy local storage.

Malware 81

Malware Social Engineering Encryption Marketing 81

eSecurity Planet

MAY 28, 2021

Whether it’s a VPN , firewall , or remote access server, unauthorized entry via network gateways is a problem. Initial access methods for gateways dominate the Dark Web market, with 45% using traditional initial access like RDP , VPN, and RCE. Also Read: How to Prevent DNS Attacks. Supply Chain Attacks.

Software 116

Software Firmware DNS VPN 116

SecureList

NOVEMBER 23, 2021

Data from the Brazilian Federation of Banks registered a considerable increase in crime (such as explosions at bank branches to steal money) and cybercrime (increased phishing and social-engineering attacks) against banking customers and banking infrastructure. Also, many groups relied on vulnerabilities in VPN servers.

Cryptocurrency 112

Cryptocurrency Banking Cybercrime Ransomware 112

SecureList

OCTOBER 17, 2023

These are new variants of the same hacking tools that we first reported in August 2019, and later detailed again in June 2021. These variants go beyond Ligolo’s standard functionality and attempt to emulate VPN solutions from Cisco and Palo Alto. We have also seen a campaign from a newly discovered threat actor, BadRory.

Government 109

Government Malware VPN Manufacturing 109

SecureList

APRIL 27, 2021

One of the suspected FinFly Web servers was active for more than a year between October 2019 and December 2020. We investigated a long-running espionage campaign, dubbed A41APT, targeting multiple industries, including the Japanese manufacturing industry and its overseas bases, which has been active since March 2019. Final thoughts.

Malware 142

Malware Spyware Government Social Engineering 142

SecureList

NOVEMBER 1, 2022

In 2019, SoleDragon was also deployed through Skype. It provides victims with a VPN connection that can be used to browse these resources. Our report focuses much more on the TTPs used by the threat actor in intrusions between late 2019 and mid-2021. SoleDragon is complex malware used by the SilentBreak threat group.

Malware 142

Malware Ransomware Spyware Encryption 142

SecureList

NOVEMBER 17, 2021

When we wrote this prediction, we were mainly thinking about a continuation of all the malicious activities targeting VPN appliances. We nevertheless observed some threat actors, such as APT10, who were exploiting these vulnerabilities to hijack VPN sessions. But this prediction also came true another way.

Mobile 134

Mobile Surveillance Ransomware Government 134

SecureList

OCTOBER 26, 2021

We discovered another set of TTPs targeting aerospace and defense research establishments in India between 2019 and the end of June 2021, featuring two previously unknown backdoors: LGuarian and HTTP_NEWS. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services. Final thoughts.

Malware 143

Malware Government Surveillance Spyware 143

Herjavec Group

AUGUST 23, 2021

LockBit ransomware was initially discovered in September 2019. Since then, the malware has been used in ransomware attacks against a range of industries located across the globe.

Ransomware 52

Ransomware Encryption Manufacturing Backups 52

eSecurity Planet

DECEMBER 7, 2023

Phishing and social engineering are common ways threat actors can obtain a symmetric key, but cryptanalysis and brute force attempts can also break symmetric key ciphers. New applications no longer use TDES, but TDES-encrypted data can be found in legacy environments and Microsoft only retired 3DES from use within Office 365 in 2019.

Encryption 107

Encryption Authentication Passwords Password Management 107

SiteLock

OCTOBER 21, 2021

NGFWs complement the capabilities of traditional firewalls by integrating the functions of a VPN gateway, intrusion detection and prevention (IDS/IPS) based on signatures, traffic inspection, and proxying application layer protocols with basic verification of their correctness and compliance with standards. What Does WAF Protect?

Firewall 52

Firewall Information Security Penetration Testing Banking 52