Krebs on Security

FEBRUARY 19, 2020

The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords. It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection. 13, 2018 and Mar.

VPN 356

VPN Passwords Software Telecommunications 356

Security Affairs

JANUARY 6, 2021

Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account.

Firmware 113

Firmware Passwords Accountability VPN 113

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. ” reads the post published by Kaspersky.

VPN 102

VPN Ransomware Antivirus Firmware 102

Schneier on Security

FEBRUARY 7, 2020

Ten years ago, I wrote an essay : "Security in 2020." Well, it's finally 2020. Employees already have their laptops configured just the way they like them, and they don't want another one just for getting through the corporate VPN. I think I did pretty well. Security can only be defined in relation to something else.

Advertising 346

Advertising Internet Internet Artificial Intelligence 346

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The service now includes credentials for 441K accounts stolen by the popular info-stealer. RS is the key source of identity data sold on online criminal forums since its initial release in early 2020.

Accountability 138

Accountability Malware Data breaches Passwords 138

Security Affairs

JANUARY 19, 2021

The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. ” Once gained access to the network, crooks expand their network access, for example, escalating privileges of the compromised employees’ accounts. SecurityAffairs – hacking, vishing).

Accountability 106

Accountability VPN Social Engineering Phishing 106

Security Affairs

OCTOBER 14, 2021

Google revealed to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers since January. Google announced to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021. SecurityAffairs – hacking, cyber security). Pierluigi Paganini.

Phishing 89

Phishing Hacking Government VPN 89

Security Affairs

APRIL 21, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 111

Ransomware Encryption Antivirus VPN 111

Krebs on Security

FEBRUARY 14, 2022

Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. Wazawaka, a.k.a. Matveev, a.k.a.

VPN 198

VPN Ransomware Cybercrime Accountability 198

Security Affairs

JANUARY 23, 2021

The Hacker News reported in exclusive that the security firm SonicWall was hacked as a result of a coordinated attack on its internal systems. TheHackerNews revealed in an exclusive that the security provider SonicWall was hacked on Friday. Below the list of affected products shared by THN: NetExtender VPN client version 10.x

VPN 134

VPN Firewall Mobile Hacking 134

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams 239

Scams DDOS Cryptocurrency Accountability 239

Krebs on Security

APRIL 20, 2023

Mandiant found the earliest evidence of compromise uncovered within 3CX’s network was through the VPN using the employee’s corporate credentials, two days after the employee’s personal computer was compromised. Microsoft Corp.

Malware 277

Malware Software Technology Accountability 277

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. Nikulin also hacked into an employee account of a Formspring engineer and used it to access the company network between June 13, 2012, and June 29, 2012.

Hacking 83

Hacking Cybercrime Data breaches Advertising 83

SC Magazine

APRIL 21, 2021

They include a damaging bug that allows an unauthorized user to create administrative accounts on a network ( CVE-2021-20021 ) and two others that allow an already-authenticated attacker to read ( CVE-2021-20023 ) and upload ( CVE-2021-20022 ) files on the victim’s remote host. million SonicWall user groups. million SonicWall user groups.

Hacking 106

Hacking VPN Media Firewall 106

Krebs on Security

DECEMBER 3, 2021

Since the beginning of 2020, Babam has set up numerous auctions on the Russian-language cybercrime forum Exploit , mainly selling virtual private networking (VPN) credentials stolen from various companies. Verified was hacked at least twice in the past five years, and its user database posted online. com (2017).

Ransomware 292

Ransomware Passwords Accountability Cybercrime 292

Security Affairs

MAY 27, 2022

This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.” In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. SecurityAffairs – hacking, FBI).

Cybercrime 135

Cybercrime Education Accountability Phishing 135

SecureWorld News

DECEMBER 2, 2021

But the IR team was trying to figure something out: how did a hacker access the organization's AWS cloud to exfiltrate data and then proceed to copy more than 150 repositories from its GitHub account? Prosecutors say the insider threat scheme started unfolding on December 10, 2020. This type of timing became a pattern in the scheme.

VPN 90

VPN Accountability Engineering Software 90

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability 312

Accountability Passwords Authentication Password Management 312

The Last Watchdog

JULY 30, 2021

Then a global pandemic came along and laid bare just how brittle company VPNs truly are. Criminal hackers recognized the golden opportunity presented by hundreds of millions employees suddenly using a company VPN to work from home and remotely connect to an array of business apps. Two sweeping trends resulted: one bad, one good.

VPN 214

VPN Firewall Encryption Accountability 214

Security Affairs

NOVEMBER 29, 2020

SecurityAffairs – hacking, newsletter). Pierluigi Paganini. The post Security Affairs newsletter Round 291 appeared first on Security Affairs.

Data breaches 92

Data breaches Social Engineering Ransomware Malware 92

Security Affairs

OCTOBER 15, 2020

A series of messages published on Barnes & Noble’s Nook social media accounts state that it had suffered a system failure and is working to restore operations by restoring their server backups. 1/2 — NOOK (@nookBN) October 14, 2020. (2/2) — NOOK (@nookBN) October 14, 2020. Thank you for your patience.

Cyber Attacks 114

Cyber Attacks VPN Backups Ransomware 114

Security Affairs

JULY 9, 2020

The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71. “Account accesses for antivirus programs garner the second-highest prices: around $21.67. SecurityAffairs – hacking, cybercrime marketplaces).

Cybercrime 124

Cybercrime Antivirus Marketing Accountability 124

Security Affairs

JANUARY 3, 2021

SecurityAffairs – hacking, Vermont Medical Center). If you want to receive the weekly Security Affairs Newsletter for free subscribe here. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini. The post Security Affairs newsletter Round 295 appeared first on Security Affairs.

Data breaches 99

Data breaches Mobile VPN Firewall 99

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting. Enforce MFA on all VPN connections [ D3-MFA ].

Telecommunications 98

Telecommunications Authentication Passwords Accountability 98

Security Affairs

NOVEMBER 18, 2021

In March 2021, Iran-linked APT groups leveraged Fortinet FortiOS vulnerabilities such as CVE-2018-13379 , CVE-2019-5591 , and CVE-2020-12812 to gain access to target networks. In May 2021, the Iran-linked threat actors breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

Healthcare 95

Healthcare Government VPN Accountability 95

Security Affairs

NOVEMBER 15, 2023

VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware 119

Ransomware Manufacturing Healthcare Education 119

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. If you have not updated the firmware yet, disable remote access (admin) and SSL VPN. SecurityAffairs – DrayTek, hacking).

Firmware 84

Firmware VPN Accountability Advertising 84

Security Affairs

MARCH 20, 2020

In May 2019, the experts noticed that the group started using hacked email addresses of numerous high-profile targets to send credential spam messages. The group was observed using this scheme between 2019 and 2020, and according to the experts, most of the compromised email accounts belong to defense companies in the Middle East.

Phishing 140

Phishing Accountability Advertising DNS 140

Security Affairs

JUNE 21, 2021

Ragnar Locker ransomware gang initially published the archive on the popular MEGA storage service, but the platform closed their account and blocked access to the archives shared by the group. Consider installing and using a VPN. SecurityAffairs – hacking, ransomware). Use multi-factor authentication with strong passwords.

Ransomware 138

Ransomware Passwords VPN Authentication 138

Security Affairs

NOVEMBER 4, 2020

3 (@pancak3lullz) October 15, 2020. KPOT Stealer is a “stealer” malware that focuses on exfiltrating account information and other data from web browsers, instant messengers, email, VPN, RDP, FTP, cryptocurrency, and gaming software. SecurityAffairs – hacking, malware). #KPOT source code up for sale! Pierluigi Paganini.

Ransomware 141

Ransomware Malware Advertising Cybercrime 141

Malwarebytes

MARCH 15, 2021

In addition, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report , which analyzed the top cybercrime goals of 2020 amidst the global pandemic. After all, malware detections for both consumers and businesses decreased in 2020 compared to 2019. That sounds like good news, but it wasn’t.

Malware 58

Malware VPN Cybercrime Encryption 58

Security Affairs

SEPTEMBER 7, 2020

The attack took place over the weekend, the closure of the BancoEstado breaches was announced by the bank through its Twitter account. Información de Prensa pic.twitter.com/gupHjabSgX — BancoEstado (@BancoEstado) September 6, 2020. SecurityAffairs – hacking, Norway). and Elexon electrical middleman. . Pierluigi Paganini.

Banking 115

Banking Ransomware Advertising VPN 115

Security Affairs

AUGUST 8, 2020

According to the FBI, Iranian hackers are actively attempting to exploit an unauthenticated RCE flaw, tracked as CVE-2020-5902, in F5 Big-IP ADC devices. Early June, researchers at F5 Networks addressed the CVE-2020-5902 vulnerability, it resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product.

VPN 91

VPN Advertising Malware Banking 91

Security Affairs

MAY 21, 2020

Threat actors attempted to exploit a zero-day (CVE-2020-12271) in the Sophos XG firewall to spread ransomware to Windows machines, the good news is that the attack was blocked by a hotfix issued by Sophos. A list of the user IDs permitted to use the firewall for SSL VPN and accounts that were permitted to use a “clientless” VPN connection.

Firewall 138

Firewall Ransomware Passwords VPN 138

Security Affairs

JANUARY 5, 2021

The alarm was raised by the threat intelligence firm Kela that reported the availability for sale of the credentials in multiple hacking forums and criminal marketplace. “KELA found nearly 1 million compromised accounts pertaining to gaming clients and employees, with 50% of them offered for sale during 2020.”

Hacking 103

Hacking Passwords VPN Accountability 103

Security Affairs

SEPTEMBER 3, 2021

In another incident that occurred in March 2021, a ransomware attack blocked the operations at a US beverage company, while in a November 2020 attack on a US-based international food and agriculture business threat actors requested the payment of a gigantic $40 million ransom. Avoid reusing passwords for multiple accounts.

Ransomware 102

Ransomware Passwords Backups Firmware 102

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times. Pierluigi Paganini.

Social Engineering 123

Social Engineering VPN Phishing Authentication 123