2020, Accountability, Authentication and VPN

News Alert: i2Coalition launches ‘VPN Trust Initiative’ to promote VPN operators’ best practices

The Last Watchdog

SEPTEMBER 26, 2023

26, 2023 — The Internet Infrastructure Coalition (i2Coalition) launched the VPN Trust Initiative (VTI) in 2020 to establish a baseline for how virtual private network (VPN) providers should operate. Advertising Practices: Given the complexity and different use cases for VPNs, claims must not mislead.

VPN

VPN Internet Internet Technology

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN

VPN Passwords Banking Advertising

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. ” reads the report published by FireEye. ” continues the report.

VPN

VPN Hacking Authentication Government

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved.

Hacking

Hacking Social Engineering Phishing Scams

Trick or Treat: The Choice is Yours with Multifactor Authentication

Thales Cloud Protection & Licensing

OCTOBER 28, 2021

Trick or Treat: The Choice is Yours with Multifactor Authentication. Whether you want the ‘trick’ of a malevolent threat actor infiltrating your network by exploiting a compromised password or the ‘treat’ from the peace of mind associated with multifactor authentication, the choice is yours. Fri, 10/29/2021 - 05:29. Colonial Pipeline.

Authentication

Authentication VPN Passwords Accountability

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. .

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Krebs on Security

AUGUST 21, 2020

The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic. authenticate the phone call before sensitive information can be discussed.

VPN

VPN Social Engineering Authentication Engineering

Vishing attacks conducted to steal corporate accounts, FBI warns

Security Affairs

JANUARY 19, 2021

The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. ” Once gained access to the network, crooks expand their network access, for example, escalating privileges of the compromised employees’ accounts. Pierluigi Paganini.

Accountability

Accountability VPN Social Engineering Phishing

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability

Accountability Passwords Authentication Password Management

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

The cybersecurity researchers observed threat actors obtaining initial access to organizations through a virtual private network (VPN) service without multifactor authentication (MFA) configured. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware

Ransomware Encryption Antivirus VPN

Security firm SonicWall was victim of a coordinated attack

Security Affairs

JANUARY 23, 2021

The company was targeted with a coordinated attack on its internal systems, threat actors exploited zero-day vulnerabilities in their VPN solutions, such as NetExtender VPN client version 10.x Below the list of affected products shared by THN: NetExtender VPN client version 10.x x and Secure Mobile Access ( SMA ).

VPN

VPN Firewall Mobile Hacking

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications

Telecommunications Authentication Passwords Accountability

SUPERNOVA malware discovered on SolarWinds Orion server

Malwarebytes

APRIL 23, 2021

Pulse Secure VPN. CISA found that the attacker(s) had access to the enterprise’s network for nearly a year, between March 2020 and February 2021. According to its investigation, the threat actor connected to the entity’s network via a Pulse Secure Virtual Private Network (VPN) appliance. CVE-2020-10148.

Malware

Malware VPN Authentication Passwords

How to improve your workplace’s cybersecurity

CyberSecurity Insiders

APRIL 16, 2021

Interestingly, people seem to have become more aware of the need for a secure workplace in 2020. Nexor, a service provider in the cybersecurity space, asserts that Google searches for ‘cyber defence’ surged by 126% in the first quarter of 2020. Security through a VPN. Password managers and two-factor authentication.

Cybersecurity

Cybersecurity Password Management Passwords Encryption

NYFDS Cybersecurity Regulation Updates Address MFA Hurdles in the Finance Industry

Duo's Security Blog

AUGUST 22, 2022

In 2017, New York Department of Financial Services (NYDFS) passed cybersecurity regulation 23 NYCRR 500, requiring all financial services companies to implement multi-factor authentication (MFA). During the NYDFS cybersecurity investigation from January 2020 to July 2021, they found that more than 18.3

Cybersecurity

Cybersecurity Financial Services VPN Technology

Big Game Ransomware being delivered to organisations via Pulse Secure VPN

DoublePulsar

JANUARY 4, 2020

it allows people without valid usernames and passwords to remotely connect to the corporate network the device is supposed to protect, turn off multi-factor authentication controls, remotely view logs and cached passwords in plain text (including Active Directory account passwords).

VPN

VPN Ransomware Passwords Internet

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Social Engineering

Social Engineering VPN Phishing Authentication

Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities

Malwarebytes

APRIL 16, 2021

Expect that the risk from data stolen or modified (including credentials, accounts, and software) before a device was patched will not be alleviated by patching or simple remediation actions. Assume that a breach will happen, enforce least-privileged access, and make password changes and account reviews a regular practice.

VPN

VPN Internet Internet Accountability

An Unholy Union: Remote Access and Ransomware

Approachable Cyber Threats

OCTOBER 16, 2020

During the COVID-19 pandemic for example, you may use a Virtual Private Network (VPN) to connect to your organization’s network as if you’re sitting in the office, or you might use Remote Desktop Protocol (RDP) to connect to your computer that’s now collecting dust on your office desk. VPNs continue to be problematic as well.

Ransomware

Ransomware VPN Internet Internet

Consumer cyberthreats: predictions for 2024

SecureList

NOVEMBER 23, 2023

Cybercriminals continued targeting gamers’ accounts filled with valuable in-game items or giving access to games on several devices, and often used in-game currency to lure victims to participate in their scams. As a result, demand for VPN solutions is expected to see a significant rise globally in the upcoming year.

VPN

VPN Scams Education Internet

FBI warns of education sector credentials on dark web forums

Malwarebytes

MAY 31, 2022

This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations. Some of their findings: Late 2020 : 2,000 unique username/password.edu combinations were up for sale on the dark web.

Education

Education Social Engineering VPN Accountability

7 Tactics Recently Used By SolarWinds Hackers

SecureWorld News

DECEMBER 8, 2021

The cybersecurity firm noted seven tactics the group has recently used: "Compromise of multiple technology solutions, services, and reseller companies since 2020.". Use of accounts with Application Impersonation privileges to harvest sensitive mail data since Q1 2021.". Use of a new bespoke downloader we call CEELOADER.".

VPN

VPN Authentication Mobile Internet

Access Control: The 5 Single Sign-On Benefits

IT Security Guru

JUNE 30, 2021

In March 2020, many people began working from home due to the COVID-19 pandemic. SSO allows users to access multiple applications, and the underlying data, without having to re-authenticate to access each application. provisioning and de-provisioning a single account). Five Benefits of Single Sign-on.

Password Management

Password Management Passwords VPN B2C

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

Threat actors attempted to exploit a zero-day (CVE-2020-12271) in the Sophos XG firewall to spread ransomware to Windows machines, the good news is that the attack was blocked by a hotfix issued by Sophos. Passwords associated with external authentication systems such as AD or LDAP are unaffected.

Firewall

Firewall Ransomware Passwords VPN

Learning from the Oldsmar Water Treatment Attack to Prevent Critical Infrastructure Breaches

CyberSecurity Insiders

APRIL 1, 2021

The 2020 Global State of Industrial Cybersecurity report found that 74% of IT security professionals are more concerned about a cyberattack on critical infrastructure than an enterprise data breach. Secure Remote Access for Administrators Without a VPN. However, VPNs introduce challenges and risks.

Passwords

Passwords VPN Data breaches Accountability

VPNs begin to lose their relevance, even as they remain difficult to shed

SC Magazine

MARCH 1, 2021

Over the past year, the firm noted a substantial increase in the number of initial access listings for sale on the dark web in 2020, particularly those for VPN access which “flourished off the back of increased remote working trends.” . VPNs are also relatively cheap compared to other popular forms of access.

VPN

VPN Technology Marketing Media

Ragnar Locker ransomware leaked data stolen from ADATA chipmaker

Security Affairs

JUNE 21, 2021

Ragnar Locker ransomware gang initially published the archive on the popular MEGA storage service, but the platform closed their account and blocked access to the archives shared by the group. Consider installing and using a VPN. Use multi-factor authentication with strong passwords. Pierluigi Paganini.

Ransomware

Ransomware Passwords VPN Authentication

Cybersecurity Agencies Reveal the Top Exploited Vulnerabilities of 2021

eSecurity Planet

APRIL 28, 2022

Microsoft occupied more than half the list, with Exchange Server accounting for eight of the vulnerabilities. Malicious actors tend to focus on internet-facing systems to gain entry into a network, such as email and virtual private network (VPN) servers, using exploits targeting newly disclosed vulnerabilities. CVE-2020-1472.

Cybersecurity

Cybersecurity Software Firmware Internet

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points. PuTTY.exe Rhysida actors have been observed creating Secure Shell (SSH) PuTTy connections for lateral movement.

Ransomware

Ransomware Manufacturing Healthcare Education

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Security Affairs

JUNE 19, 2020

IBM recently addressed a high-severity issue, tracked as CVE-2020-4529 , in its Maximo asset management solution that could facilitate attacks on making lateral movements within corporate networks. Sometimes employees connect to IBM Maximo directly over the Internet with weak passwords and no VPN, making an attack easier to perform.”

VPN

VPN Advertising Authentication Passwords

FBI warns of Iran-linked hackers attempting to exploit F5 BIG-IP flaw

Security Affairs

AUGUST 8, 2020

According to the FBI, Iranian hackers are actively attempting to exploit an unauthenticated RCE flaw, tracked as CVE-2020-5902, in F5 Big-IP ADC devices. Early June, researchers at F5 Networks addressed the CVE-2020-5902 vulnerability, it resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product.

VPN

VPN Advertising Malware Banking

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

JUNE 29, 2020

.” Unfortunately, most organizations often neglect the protection of RDP accesses and workers use easy-to-guess passwords and with no additional layers of authentication or protection. Between December 2019 and until February 2020, the experts observed a number of attacks between 70,000 and 40,000 on a daily basis.

Passwords

Passwords Internet Internet Advertising

50 Ways to Avoid Getting Scammed on Black Friday

Adam Levin

NOVEMBER 17, 2020

And like everything else in 2020, these next few weeks promise to be a disaster. Credit cards offer markedly better fraud protections than debit cards , which connect directly to your bank account. Virtual credit cards similarly allow online shoppers to mask their financial accounts. Vary login credentials across accounts.

Scams

Scams Retail Banking Passwords

The Top Five Habits of Cyber-Aware Employees

CyberSecurity Insiders

JULY 21, 2021

This means companies have to be proactive and instill the right habits, which often means resisting the bad habits that lead to millions of successful cyberattacks every year – from the use of generic and easy-to-crack account credentials to the willingness to click on suspicious links and attachments in emails from untrusted sources.

Social Engineering

Social Engineering Password Management Passwords Phishing

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

The ransomware operation has been active since late December 2019, this is the second time that the FBI first shares IoC related to RagnarLocker operation, the FBI first became aware of this threat in April 2020. Use multi-factor authentication with strong passwords, including for remote access services. Implement network segmentation.

Ransomware

Ransomware Financial Services Passwords VPN

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

In another incident that occurred in March 2021, a ransomware attack blocked the operations at a US beverage company, while in a November 2020 attack on a US-based international food and agriculture business threat actors requested the payment of a gigantic $40 million ransom. Avoid reusing passwords for multiple accounts.

Ransomware

Ransomware Passwords Backups Firmware

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

The Zyxel Cloud CNM SecuManager is a comprehensive network management software that provides an integrated console to manage security gateways including the ZyWALL USG and VPN Series. ” Experts also discovered the presence of backdoor accounts in MySQL. “MySQL is pre-configured with several static accounts.

Accountability

Accountability Advertising Software Authentication

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

One of the images shared by the group shows a directory containing folders such as Accounts Receivable, Finance, collection letters, Expenses, and Employees. . Consider installing and using a VPN. Use two-factor authentication with strong passwords. Install and regularly update anti-virus or anti-malware software on all hosts.

Ransomware

Ransomware VPN Advertising Marketing

Why We Comply: Breaking Down the Learning Curve in K-12 Cybersecurity Compliance

Duo's Security Blog

AUGUST 24, 2022

estimated that 44% of educational institutions were targeted by ransomware attacks in 2020 — more data breaches than we’d ever seen in prior years. However, adding two-factor or multi-factor authentication (MFA) cybersecurity may be a good place to start. It’s never been more important to protect our children against cybercrimes.

Cybersecurity

Cybersecurity Education Insurance Authentication

Security Affairs newsletter Round 291

Security Affairs

NOVEMBER 29, 2020

Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Data breaches

Data breaches Social Engineering Ransomware Malware

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Use multifactor authentication where possible.

Passwords

Passwords Government Firmware Accountability

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

As we pointed out in our State of Malware report, published earlier this year, Malwarebytes recorded an eye-watering 607% increase in malware detections in the agriculture sector in 2020. Malwarebytes recorded a 607% increase in agriculture sector attacks in 2020. Use multi-factor authentication with strong pass phrases where possible.

Ransomware

Ransomware Manufacturing Passwords Internet

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

SEPTEMBER 9, 2020

Starting on September 7, the customers of the company were not able to access the services for their accounts. Consider installing and using a VPN. Use two-factor authentication with strong passwords. K-Electric is the largest power supplier in the country with 2.5 million customers and around 10,000 people.

Ransomware

Ransomware Energy and Utilities VPN Advertising

Mobile security threats: reality or myth?

Hot for Security

JUNE 14, 2021

As shown in our 2020 Consumer Threat Landscape Report , the surge in popularity of video conferencing solutions during the pandemic opened an unlikely door for opportunistic threat actors. You can count on us to always be there to help you secure your online accounts, regardless of platform. Weaponizing hype.

Mobile

Mobile Malware Spyware Media

News Alert: i2Coalition launches ‘VPN Trust Initiative’ to promote VPN operators’ best practices

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Webinars

Trending Sources

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Webinars

When Low-Tech Hacks Cause High-Impact Breaches

Trick or Treat: The Choice is Yours with Multifactor Authentication

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Vishing attacks conducted to steal corporate accounts, FBI warns

Experian, You Have Some Explaining to Do

Akira ransomware received $42M in ransom payments from over 250 victims

Security firm SonicWall was victim of a coordinated attack

China-linked threat actors have breached telcos and network service providers

SUPERNOVA malware discovered on SolarWinds Orion server

How to improve your workplace’s cybersecurity

NYFDS Cybersecurity Regulation Updates Address MFA Hurdles in the Finance Industry

Big Game Ransomware being delivered to organisations via Pulse Secure VPN

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities

An Unholy Union: Remote Access and Ransomware

Consumer cyberthreats: predictions for 2024

FBI warns of education sector credentials on dark web forums

7 Tactics Recently Used By SolarWinds Hackers

Access Control: The 5 Single Sign-On Benefits

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Learning from the Oldsmar Water Treatment Attack to Prevent Critical Infrastructure Breaches

VPNs begin to lose their relevance, even as they remain difficult to shed

Ragnar Locker ransomware leaked data stolen from ADATA chipmaker

Cybersecurity Agencies Reveal the Top Exploited Vulnerabilities of 2021

FBI and CISA warn of attacks by Rhysida ransomware gang

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

FBI warns of Iran-linked hackers attempting to exploit F5 BIG-IP flaw

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

50 Ways to Avoid Getting Scammed on Black Friday

The Top Five Habits of Cyber-Aware Employees

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

FBI warns of ransomware attacks targeting the food and agriculture sector

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Netwalker ransomware operators claim to have stolen data from Forsee Power

Why We Comply: Breaking Down the Learning Curve in K-12 Cybersecurity Compliance

Security Affairs newsletter Round 291

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

FBI warns of ransomware threat to food and agriculture

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Mobile security threats: reality or myth?

Stay Connected