Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. SecurityAffairs – hacking, Fortinet VPN).

VPN 95

VPN Ransomware Antivirus Firmware 95

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. Europol said. Pierluigi Paganini.

VPN 81

VPN Cybercrime Ransomware Advertising 81

Security Affairs

AUGUST 26, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. ” reads CISA’s advisory.

Malware 129

Malware VPN Authentication Hacking 129

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their credentials have been stolen. The malicious code can also act as a first-stage malware.

Accountability 131

Accountability Malware Data breaches Passwords 131

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 281

Malware Software Technology Accountability 281

Security Affairs

JANUARY 6, 2021

Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account.

Firmware 109

Firmware Passwords Accountability VPN 109

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. reads the alert.

Ransomware 76

Ransomware VPN Cybercrime Advertising 76

Security Affairs

JANUARY 14, 2021

Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian government institutions and private companies. Malware researchers from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian entities exclusively. Pierluigi Paganini.

Malware 106

Malware Surveillance Phishing Government 106

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 103

Ransomware Encryption Antivirus VPN 103

Security Affairs

JANUARY 23, 2021

The company was targeted with a coordinated attack on its internal systems, threat actors exploited zero-day vulnerabilities in their VPN solutions, such as NetExtender VPN client version 10.x x and Secure Mobile Access ( SMA ). Below the list of affected products shared by THN: NetExtender VPN client version 10.x

VPN 128

VPN Firewall Mobile Hacking 128

Security Affairs

MAY 1, 2021

If you must connect your NAS to the internet, we highly recommend using a trusted VPN or a myQNAPcloud link.” ” QNAP NAS devices continue to be under attack, earlier March, researchers at 360Netlab warned of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices.

Ransomware 111

Ransomware Cryptocurrency Malware Internet 111

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020.

Ransomware 145

Ransomware Encryption VPN Backups 145

Security Affairs

MARCH 24, 2021

Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents.

Ransomware 138

Ransomware Encryption VPN Malware 138

Security Affairs

DECEMBER 22, 2022

Zerobot operators are offering the botnet as a malware-as-a-service model, one domain (zerostresser[.]com) the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT 114

IoT DDOS Malware Firmware 114

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike. ” continues the report.

Hacking 88

Hacking VPN Advertising Financial Services 88

Security Affairs

NOVEMBER 4, 2020

3 (@pancak3lullz) October 15, 2020. KPOT Stealer is a “stealer” malware that focuses on exfiltrating account information and other data from web browsers, instant messengers, email, VPN, RDP, FTP, cryptocurrency, and gaming software. SecurityAffairs – hacking, malware). pic.twitter.com/fJ3BwlaHsR — ??????3

Ransomware 135

Ransomware Malware Advertising Cybercrime 135

Security Affairs

NOVEMBER 29, 2020

A cyberattack crippled the IT infrastructure of the City of Saint John Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Romanians arrested for running underground malware services Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Computer Security and Data Privacy, the perfect alliance (..)

Data breaches 84

Data breaches Social Engineering Ransomware Malware 84

Security Affairs

DECEMBER 13, 2020

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived!

Computers and Electronics 88

Computers and Electronics VPN Hacking Ransomware 88

Security Affairs

MARCH 26, 2021

Accenture security researchers published an analysis of the latest Hades campaign, which is ongoing since at least December 2020. . The ransom note left by the malware points to Tor pages that are uniquely generated for each victim. . The copy is then deleted and an executable is unpacked in memory.

Ransomware 139

Ransomware Encryption Malware VPN 139

Security Affairs

OCTOBER 15, 2020

1/2 — NOOK (@nookBN) October 14, 2020. (2/2) — NOOK (@nookBN) October 14, 2020. ” BleepingComputer confirmed that the company was hit by a cyber attack on October 10th, 2020, and cited as a source an email sent to customers late Wednesday night that is has seen. SecurityAffairs – hacking, malware).

Cyber Attacks 109

Cyber Attacks VPN Backups Ransomware 109

Security Affairs

APRIL 24, 2020

pic.twitter.com/0gykQl53Ft — Under the Breach (@underthebreach) April 23, 2020. Experts from BadPackets pointed out that attackers might have exploited the Pulse Secure VPN CVE-2019-11510 to compromise the company. link] — Bad Packets Report (@bad_packets) April 23, 2020.

Software 102

Software Ransomware VPN Advertising 102

Krebs on Security

MAY 22, 2023

pw has been registered and abandoned by several parties since 2014, but the most recent registration data available through DomainTools.com shows it was registered in March 2020 to someone in Krasnodar, Russia with the email address edgard011012@gmail.com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

JULY 22, 2020

Immediately after the first attacks, security experts started searching for vulnerable databases exposed online. One of the recent Meow attacks targeted the Hong Kong-based VPN provider UFO VPN , hackers targeted its Elasticsearch database. Recently vpnMentor experts reported that seven Virtual Private Network (VPN) left 1.2

VPN 91

VPN Advertising Hacking Information Security 91

Security Affairs

JUNE 4, 2021

The vendor also released a tool that can scan Pulse Secure VPN servers for signs of compromise for CVE-2021-22893 or other previous vulnerabilities. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “In reads the report published by FireEye.

VPN 73

VPN Government Hacking Authentication 73

Security Affairs

DECEMBER 6, 2020

Kopter Group is Switzerland-based company that was founded in 2007 that was acquired by Leonardo in April 2020. LockBit ransomware operators told ZDNet that they have accessed the network of the helicopter maker via a VPN appliance that was poorly protected. ” reported ZDNet.

Ransomware 96

Ransomware VPN Encryption Authentication 96

Security Affairs

SEPTEMBER 15, 2020

. “CISA has observed these—and other threat actors with varying degrees of skill—routinely using open-source information to plan and execute cyber operations.” 7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances.

Government 71

Government VPN Firmware Energy and Utilities 71

Malwarebytes

SEPTEMBER 3, 2021

Rise in malware. As we pointed out in our State of Malware report, published earlier this year, Malwarebytes recorded an eye-watering 607% increase in malware detections in the agriculture sector in 2020. Malwarebytes recorded a 607% increase in agriculture sector attacks in 2020. Critical infrastructure.

Ransomware 138

Ransomware Manufacturing Passwords Internet 138

Security Affairs

JULY 16, 2020

The Cisco Product Security Incident Response Team (PSIRT) confirmed that it is not aware of any public announcements or malicious use of the above vulnerabilities. The tech giant confirmed that there are no workarounds that fix these vulnerabilities.

Firewall 89

Firewall Small Business Wireless Authentication 89

Security Affairs

JUNE 21, 2021

Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020. Secure your back-ups and ensure data is not accessible for modification or deletion from the system where the data resides.

Ransomware 137

Ransomware Passwords VPN Authentication 137

Security Affairs

SEPTEMBER 27, 2020

fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT 102

IoT Banking Advertising Ransomware 102

Security Affairs

OCTOBER 1, 2020

The experts found six vulnerabilities in B&R Automation’s SiteManager and GateManager ( CVE-2020-11641 , CVE-2020-11642 , CVE-2020-11643 , CVE-2020-11644 , CVE-2020-11645 , CVE-2020-11646 ) that could potentially disrupt operations. ” reads the advisory published by the company.

Advertising 106

Advertising Authentication VPN Firewall 106

Security Affairs

AUGUST 28, 2020

Cisco this week released security patches to address ten high-risk vulnerabilities in NX-OS software, including some flaws that could lead to code execution and privilege escalation. The first issue, tracked as CVE-2020-3517, is a DoS issue that resides in the Fabric Services component. ” reads the advisory published by Cisco.

Software 122

Software Risk Advertising Authentication 122

Security Affairs

SEPTEMBER 10, 2020

US-based supplier of video delivery software solutions, SeaChange International, revealed that a ransomware attack disrupted its operations in Q1 2020. SeaChange International, a US-based supplier of video delivery software solutions, revealed that a ransomware attack has disrupted its operations during the first quarter of 2020.

Ransomware 65

Ransomware VPN Banking Data breaches 65

Security Affairs

JULY 20, 2020

REvil #Sodinokibi #Ransomware pic.twitter.com/BZtLhw8V1D — Germán Fernández (@1ZRR4H) July 19, 2020. Immediately after the attack was detected by the internal IT staff, the company warned its employees of not connecting its internal VPN network and avoiding opening emails with suspicious archive attachments.

Ransomware 121

Ransomware VPN Advertising Internet 121

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Disable hyperlinks in received emails. Pierluigi Paganini.

Passwords 65

Passwords Government Firmware Accountability 65

Security Affairs

AUGUST 6, 2020

Secure your back-ups and ensure data is not accessible for modification or deletion from the system where the data resides. Install and regularly update anti-virus or anti-malware software on all hosts. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN.

Ransomware 106

Ransomware VPN Advertising Marketing 106

Security Affairs

OCTOBER 18, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN 76

VPN Surveillance Advertising Ransomware 76