Security Affairs

AUGUST 3, 2023

The vulnerability was exploited by multiple threat actors [ 1 , 2 , 3 , 4 , 5 ], including Russia-linked APT groups that targeted critical infrastructure.

Authentication 82

Authentication VPN Internet Internet 82

Security Affairs

AUGUST 26, 2021

Threat actors are targeting Pulse Connect Secure VPN devices exploiting multiple flaws, including CVE-2021-22893 and CVE-2021-22937. CVE-2021-22893 is a buffer overflow issue in Pulse Connect Secure Collaboration Suite prior b9.1R11.4 The flaw received a CVSS score of 9.1,

Malware 129

Malware VPN Authentication Hacking 129

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 83

Firewall VPN Firmware Internet 83

Security Affairs

AUGUST 17, 2021

An authenticated attacker could execute arbitrary commands as the root user on the underlying system via the SAML server configuration page. Experts pointed out that the flaw could be chained with an authentication bypass flaw that could allow an attacker. The vulnerability impacts Fortinet FortiWeb versions 6.3.11 Pierluigi Paganini.

Authentication 98

Authentication VPN Internet Internet 98

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 84

VPN Firewall Firmware Authentication 84

Security Affairs

JUNE 29, 2020

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. Palo Alto Networks addressed a critical vulnerability, tracked as CVE-2020-2021 , in the operating system ( PAN?OS x base score of 10. . x base score of 10.

Firewall 88

Firewall Authentication VPN Advertising 88

Malwarebytes

FEBRUARY 22, 2023

DNA Diagnostics Center (DDC), an Ohio-based private DNA testing company, last week reached a settlement deal with the Ohio and Pennsylvania state attorneys general in relation to a 2021 breach that saw the theft of 45,000 residents ' personal details. Overall the attack compromised over 2.1

Penetration Testing 89

Penetration Testing InfoSec Accountability Authentication 89

ForAllSecure

MAY 25, 2021

Black Hat Briefings USA ( Jul 31, 2021 through Thu, Aug 5, 2021). BsidesLV (July 31 and August 1, 2021). BSidesLV will be entirely virtual in 2021. For example, FuzzCON 2021 will be hybrid, in person and virtual, the Thursday night between Black Hat and DEF CON. Two Factor Authentication is a must.

VPN 52

VPN Passwords Internet Internet 52

ForAllSecure

MAY 25, 2021

Black Hat Briefings USA ( Jul 31, 2021 through Thu, Aug 5, 2021). BsidesLV (July 31 and August 1, 2021). BSidesLV will be entirely virtual in 2021. For example, FuzzCON 2021 will be hybrid, in person and virtual, the Thursday night between Black Hat and DEF CON. Two Factor Authentication is a must.

VPN 52

VPN Passwords Internet Internet 52

Security Affairs

JUNE 30, 2020

Recently Palo Alto Network addressed a critical vulnerability , tracked as CVE-2020-2021, affecting the PAN-OS operating system that powers its next-generation firewall. The flaw could allow unauthenticated network-based attackers to bypass authentication, it has has been rated as critical severity and received a CVSS 3.x

Firewall 103

Firewall Authentication VPN Hacking 103

Security Affairs

JUNE 4, 2021

A vulnerability was discovered under Pulse Connect Secure (PCS). This includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform remote arbitrary file execution on the Pulse Connect Secure gateway. reads the report published by FireEye. reads the report published by FireEye.

VPN 74

VPN Government Hacking Authentication 74

Security Affairs

MAY 9, 2021

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S.

Data breaches 87

Data breaches DDOS VPN Hacking 87

Security Affairs

SEPTEMBER 3, 2021

.” The PIN provides a series of examples of ransomware attacks impacting food and agriculture sector businesses, such as an attack that took place in January 2021 against an identified US farm that resulted in losses of approximately $9 million due to the disruption of the farming operations. Consider installing and using a VPN.

Ransomware 96

Ransomware Passwords Backups Firmware 96

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications 95

Telecommunications Authentication Passwords Accountability 95

Security Affairs

MARCH 16, 2022

The nation-state actors gained access to the network by exploiting default MFA protocols and the Windows Print Spooler vulnerability, “PrintNightmare” ( CVE-2021-34527 ), reads the advisory. ” reads the joint advisory. ” continues the analysis.

Accountability 91

Accountability Passwords Authentication Firmware 91

Security Affairs

JULY 6, 2022

The Hive ransomware operation has been active since June 2021, it provides Ransomware-as-a-Service Hive and adopts a double-extortion model threatening to publish data stolen from the victims on their leak site (HiveLeaks). .” These upgrades prove that Hive is one of the fastest evolving ransomware families in the cybercrime ecosystem.

Encryption 115

Encryption Ransomware Cybercrime Malware 115

Security Affairs

JUNE 21, 2021

BleepingComputer reported that the ransomware attack took place on May 23rd, 2021, and forced the company to shut down its systems to contain the infection. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use multi-factor authentication with strong passwords.

Ransomware 137

Ransomware Passwords VPN Authentication 137

Security Affairs

JUNE 27, 2022

The timeline of the issues is: On September 15, 2021 ?Started Started research on ABB AC series PLC & CODESYS V2 runtime On September 29, 2021, 3 vulnerabilities about CODESYS V2 runtime were submitted to codesys On October 25, 2021, codesys published a security advisory and a latest version of CODESYS V2 runtime 2.4.7.56

Software 82

Software Manufacturing Firmware Risk 82

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Use multifactor authentication where possible. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware 97

Ransomware DDOS Passwords Backups 97

Security Affairs

MAY 25, 2023

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Accountability 75

Accountability VPN Manufacturing Firewall 75

Security Affairs

JULY 8, 2021

The experts reported the flaw to the software vendor in February 2021 and the company addressed them with the release of Sage X3 Version 9 (Syracuse 9.22.7.2), Sage X3 HR & Payroll Version 9 (Syracuse 9.24.1.3), Sage X3 Version 11 (Syracuse 11.25.2.6), and Sage X3 Version 12 (Syracuse 12.10.2.8). ” continues the report.

Hacking 106

Hacking Authentication VPN Software 106

Security Affairs

DECEMBER 16, 2021

The malware had attacked at least 35,000 systems in 195 countries between January and November 2021 which is uncommon for targeted attacks carried out by nation-state actors. The experts revealed that at least 7.2%

Spyware 108

Spyware Energy and Utilities Malware Engineering 108

Security Affairs

JUNE 17, 2021

The crooks compromised the website of the vendor and implanted malicious code in a Windows application, a custom version of the Dahua SmartPSS Windows app, that the company provides to its customers to control their security feeds. ” reads the analysis published by Mandiant. ” reads the analysis published by Mandiant.

Cybercrime 105

Cybercrime Ransomware Antivirus Software 105

Malwarebytes

MARCH 17, 2021

link] pic.twitter.com/NOPAcEFxM8 — FBI Buffalo (@FBIBuffalo) March 16, 2021. To prevent attacks: Install security updates for operating systems, software, and firmware as soon as they are released. Use multi-factor authentication wherever possible. Only use secure networks and avoid using public Wi-Fi networks.

Education 107

Education Ransomware Phishing Passwords 107

SecureWorld News

JUNE 28, 2020

We have come to the realization that the distributed workforce due to the coronavirus will last well into 2021. is an electronic cyberattack that targets a user by email and falsely poses as an authentic entity to bait individuals into providing sensitive data, corporate passwords, clicks on a malicious web link, or execute malware.

Penetration Testing 99

Penetration Testing Social Engineering VPN Phishing 99

Security Affairs

MARCH 23, 2021

GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).” The most severe issue addressed by the vendor is a critical “ INSECURE DEFAULT VARIABLE INITIALIZATION ” issue tracked as CVE-2021-27426 and rated with a CVSS score of 9.8

Firmware 78

Firmware VPN Firewall Risk 78

Security Affairs

NOVEMBER 29, 2020

A cyberattack crippled the IT infrastructure of the City of Saint John Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Romanians arrested for running underground malware services Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Computer Security and Data Privacy, the perfect alliance (..)

Data breaches 85

Data breaches Social Engineering Ransomware Malware 85

CyberSecurity Insiders

JULY 21, 2021

Ensure that account credentials are secure. According to Verizon’s 2021 Data Breach Investigations Report , credentials are the type of data cybercriminals most want to steal in a breach. For example, as many companies continue to allow employees to work remotely, VPNs are becoming more and more crucial.

Social Engineering 145

Social Engineering Password Management Passwords Phishing 145

Security Affairs

APRIL 2, 2021

In March 2021, government experts observed state sponsored hackers scanning the internet for servers vulnerable to the above flaws, the attackers were probing systems on ports 4443, 8443, and 10443. Implement a recovery plan to restore sensitive or proprietary data from a physically separate, segmented, secure location (e.g.,

Passwords 65

Passwords Government Firmware Accountability 65

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory.

VPN 139

VPN Government Authentication Advertising 139

Security Affairs

JULY 29, 2022

Therefore, strong authentication methods are needed. Therefore, strong authentication methods are needed to improve security without hindering user convenience. What is Strong Authentication? The IAM Security Boundary Strong authentication is a critical component of modern-day identity and access management.

Authentication 106

Authentication Passwords Data privacy Identity Theft 106

eSecurity Planet

MAY 28, 2021

We look at three RSAC 2021 sessions and some of the most daunting vulnerabilities presented by the SANS Institute, Cybersecurity and Infrastructure Security Agency (CISA), and Varonis Systems. Also Read: And the Winner of the 2021 RSA Innovation Contest is… SANS: Five dangerous new attack techniques and vulnerabilities.

Software 99

Software Firmware DNS VPN 99

Malwarebytes

MAY 28, 2021

According to Coveware, a company that offers incident response services to organizations impacted by ransomware attacks, Conti is the second most common ransomware family that victim organizations have reported in the first quarter of 2021. Use multi-factor authentication where possible. Consider installing and using a VPN.

Healthcare 108

Healthcare Ransomware Encryption Passwords 108

eSecurity Planet

NOVEMBER 5, 2021

Follow it up with our Top Enterprise Encryption Vendors of 2021. Top Full Disk Encryption Software of 2021. The centrally managed FDE software for endpoints operates as a feature in the overall security suite. The full disk encryption solution supports multiple pre-boot authentication languages for global deployments.

Encryption 52

Encryption Software Authentication Passwords 52

Security Affairs

NOVEMBER 17, 2021

The Microsoft Threat Intelligence Center (MSTIC) shared the results of their analysis on the evolution of Iran-linked threat actors at the CyberWarCon 2021. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN 103

VPN Social Engineering Accountability Media 103

Security Affairs

DECEMBER 27, 2021

Digging the code the researchers discovered that the username used for authentication is compared to another string: iVar5 = strcmp((char *)username,"Schandelah"); “Schandelah” appears to be an undocumented, special username, it is the name of a village in northern Germany where Auerswald produces their devices. Pierluigi Paganini.

Firmware 92

Firmware Manufacturing Passwords Penetration Testing 92

Security Affairs

NOVEMBER 18, 2022

The authorities reported that from June 2021 through at least November 2022, threat actors employed the Hive ransomware in attacks aimed at a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware 90

Ransomware VPN Manufacturing Healthcare 90