Malwarebytes

NOVEMBER 18, 2021

According to its marketing team, a FatPipe MPVPN can make your VPN “900% more secure.” According to the agency, a recent forensic analysis has revealed that Advanced Persistent Threat (APT) actors (plural) have been abusing the flaw since May 2021. ” But FatPipe says could , and the FBI says did.

VPN 105

VPN Software Internet Internet 105

eSecurity Planet

APRIL 28, 2022

cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021. The advisory entails the top 15 Common Vulnerabilities and Exposures (CVEs) that were routinely exploited by malicious cyber actors in 2021, plus another 21 frequently exploited CVEs.

Cybersecurity 110

Cybersecurity Software Firmware Internet 110

Malwarebytes

JULY 1, 2021

SMS authentication codes are back in the news, and the word I’d use to summarise their reappearance is “embattled.” ” I can still remember a time where two-factor authentication (2FA), authentication grids, regional lockouts, Yubikeys, and offline authentication apps simply did not exist.

Authentication 97

Authentication Phishing Passwords Mobile 97

CyberSecurity Insiders

JULY 30, 2021

Here is the most recent vulnerability report, including the top CVE list for the second quarter of 2021. The X-axis above depicts all vulnerabilities found in the second quarter from 1 April to 30 June 2021. The CVE Dirty Dozen for Q2 2021. vulnerability – CVE-2021-1675. Web application exploits continue to dominate.

Engineering 126

Engineering VPN Authentication Cybersecurity 126

Duo's Security Blog

MAY 18, 2021

Phishing is responsible for the vast majority of breaches in this pattern, with cloud-based email servers being a target of choice." — 2021 Verizon DBIR The federal government had a tough year when it came to data breaches and ransomware attacks.

Phishing 113

Phishing Social Engineering Data breaches Ransomware 113

Krebs on Security

FEBRUARY 26, 2023

We don’t know much about the source of the November 2021 incident, other than GoDaddy’s statement that it involved a compromised password, and that it took about two months for the company to detect the intrusion. What else do we know about the cause of these incidents?

Hacking 268

Hacking Social Engineering Phishing Scams 268

eSecurity Planet

OCTOBER 1, 2021

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. What might be most striking about the document is how many security steps and solutions it takes to properly secure VPN connections.

VPN 95

VPN Authentication Passwords Software 95

Security Affairs

AUGUST 29, 2021

Taiwan vendor Synology announced that recently disclosed vulnerabilities (CVE-2021-3711 and CVE-2021-3712) in the OpenSSL impact some of its products. Moderate Ongoing VPN Plus Server Important Ongoing VPN Server Moderate Ongoing. Moderate Ongoing VPN Plus Server Important Ongoing VPN Server Moderate Ongoing.

VPN 122

VPN Encryption Authentication Hacking 122

Security Affairs

AUGUST 3, 2023

The vulnerability was exploited by multiple threat actors [ 1 , 2 , 3 , 4 , 5 ], including Russia-linked APT groups that targeted critical infrastructure.

Authentication 84

Authentication VPN Internet Internet 84

Security Affairs

AUGUST 26, 2021

Threat actors are targeting Pulse Connect Secure VPN devices exploiting multiple flaws, including CVE-2021-22893 and CVE-2021-22937. CVE-2021-22893 is a buffer overflow issue in Pulse Connect Secure Collaboration Suite prior b9.1R11.4 One file is designed to intercept certificate-based multi-factor authentication.

Malware 130

Malware VPN Authentication Hacking 130

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 84

Firewall VPN Firmware Internet 84

Security Affairs

AUGUST 17, 2021

An authenticated attacker could execute arbitrary commands as the root user on the underlying system via the SAML server configuration page. Experts pointed out that the flaw could be chained with an authentication bypass flaw that could allow an attacker. The vulnerability impacts Fortinet FortiWeb versions 6.3.11 Pierluigi Paganini.

Authentication 99

Authentication VPN Internet Internet 99

BH Consulting

DECEMBER 14, 2021

IOCTA also warned of evolving mobile malware that’s allowing criminals to try to get around additional security measures such as two-factor authentication. In last month’s newsletter, we looked at why using a VPN doesn’t always protect the user. The post Security Roundup December 2021 appeared first on BH Consulting.

Cybercrime 59

Cybercrime Mobile DDOS CISO 59

eSecurity Planet

MARCH 21, 2022

Using misconfigured multi-factor authentication (MFA) and an unpatched Windows vulnerability, Russian state-sponsored hackers were able to breach a non-governmental organization (NGO) and escalate privileges, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI revealed last week. Network Best Practices.

VPN 108

VPN Accountability Authentication Passwords 108

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 86

VPN Firewall Firmware Authentication 86

Security Affairs

JUNE 29, 2020

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. Palo Alto Networks addressed a critical vulnerability, tracked as CVE-2020-2021 , in the operating system ( PAN?OS x base score of 10. . x base score of 10.

Firewall 90

Firewall Authentication VPN Advertising 90

Duo's Security Blog

AUGUST 22, 2022

In 2017, New York Department of Financial Services (NYDFS) passed cybersecurity regulation 23 NYCRR 500, requiring all financial services companies to implement multi-factor authentication (MFA). During the NYDFS cybersecurity investigation from January 2020 to July 2021, they found that more than 18.3

Cybersecurity 93

Cybersecurity Financial Services VPN Technology 93

SC Magazine

FEBRUARY 17, 2021

Growing security risks have prompted companies to move away from virtual private networks (VPNs) in favor of a zero-trust model. Most organizations, 72 percent, plan to ditch VPNs , according to Zscaler’s 2021 VPN Risk Report , which found that 67 percent of organizations are considering remote access alternatives.

VPN 135

VPN Social Engineering Authentication Architecture 135

Javvad Malik

NOVEMBER 11, 2021

Cloud usage has increased, we’ve seen VPN’s crop up everywhere, and the shiny hotness that is MFA (multi factor authentication). At the beginning of lockdown, we saw phishing emails which claimed to be from IT asking unwitting staff to download the latest VPN. Spoiler alert, it wasn’t a VPN. Enable MFA!

VPN 100

VPN Authentication Passwords Scams 100

Krebs on Security

JULY 10, 2022

“I was able to answer the credit report questions successfully, which authenticated me to their system,” Turner said. That’s because Experian does not offer any type of multi-factor authentication options on consumer accounts. But now he’s wondering what else he could do to prevent another account compromise.

Accountability 315

Accountability Passwords Authentication Password Management 315

ForAllSecure

MAY 25, 2021

Black Hat Briefings USA ( Jul 31, 2021 through Thu, Aug 5, 2021). BsidesLV (July 31 and August 1, 2021). BSidesLV will be entirely virtual in 2021. For example, FuzzCON 2021 will be hybrid, in person and virtual, the Thursday night between Black Hat and DEF CON. Two Factor Authentication is a must.

VPN 52

VPN Passwords Internet Internet 52

ForAllSecure

MAY 25, 2021

Black Hat Briefings USA ( Jul 31, 2021 through Thu, Aug 5, 2021). BsidesLV (July 31 and August 1, 2021). BSidesLV will be entirely virtual in 2021. For example, FuzzCON 2021 will be hybrid, in person and virtual, the Thursday night between Black Hat and DEF CON. Two Factor Authentication is a must.

VPN 52

VPN Passwords Internet Internet 52

Malwarebytes

JULY 28, 2021

Because of this unwillingness of UDP Technology to respond, RandoriSec worked with Geutebrück, one of the camera vendors, to correct the 11 authenticated RCE vulnerabilities and a complete authentication bypass that they found in the firmware. History lessons. Impact of the vulnerabilities.

Firmware 110

Firmware Technology Authentication IoT 110

eSecurity Planet

AUGUST 28, 2023

To remedy this vulnerability, Adobe recommends installing Update 16 for ColdFusion 2018 and Update 6 for ColdFusion 2021. OpenFire vulnerability persists Open-source chat server OpenFire has been affected by an authentication bypass vulnerability (CVE-2023-32315) since May.

VPN 87

VPN Authentication Mobile Firewall 87

Security Affairs

JUNE 30, 2020

Recently Palo Alto Network addressed a critical vulnerability , tracked as CVE-2020-2021, affecting the PAN-OS operating system that powers its next-generation firewall. The flaw could allow unauthenticated network-based attackers to bypass authentication, it has has been rated as critical severity and received a CVSS 3.x

Firewall 104

Firewall Authentication VPN Hacking 104

SecureWorld News

DECEMBER 8, 2021

Use of accounts with Application Impersonation privileges to harvest sensitive mail data since Q1 2021.". Abuse of multi-factor authentication leveraging 'push' notifications on smartphones.". Mandiant believes a misconfiguration by the threat actor meant that the VPN services running on the VPS stopped functioning after 8 hours.

VPN 78

VPN Authentication Mobile Internet 78

eSecurity Planet

MARCH 19, 2024

The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website. The fix: Fortinet advised users to disable SSL VPN until their FortiOS and FortiProxy deployments can be upgraded.

Authentication 102

Authentication VPN Software DDOS 102

Security Affairs

JUNE 4, 2021

This includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform remote arbitrary file execution on the Pulse Connect Secure gateway. The vendor also released a tool that can scan Pulse Secure VPN servers for signs of compromise for CVE-2021-22893 or other previous vulnerabilities.

VPN 76

VPN Government Hacking Authentication 76

Security Affairs

MAY 9, 2021

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S.

Data breaches 89

Data breaches DDOS VPN Hacking 89

SecureList

DECEMBER 16, 2021

In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s arsenal. During the period from January 20 to November 10, 2021, Kaspersky products blocked PseudoManuscrypt on more than 35,000 computers in 195 countries of the world.

Spyware 91

Spyware Energy and Utilities Malware VPN 91

eSecurity Planet

AUGUST 28, 2023

To remedy this vulnerability, Adobe recommends installing Update 16 for ColdFusion 2018 and Update 6 for ColdFusion 2021. OpenFire vulnerability persists Open-source chat server OpenFire has been affected by an authentication bypass vulnerability (CVE-2023-32315) since May.

VPN 70

VPN Authentication Mobile Firewall 70

Malwarebytes

FEBRUARY 22, 2023

DNA Diagnostics Center (DDC), an Ohio-based private DNA testing company, last week reached a settlement deal with the Ohio and Pennsylvania state attorneys general in relation to a 2021 breach that saw the theft of 45,000 residents ' personal details. Overall the attack compromised over 2.1

Penetration Testing 86

Penetration Testing InfoSec Accountability Authentication 86

Malwarebytes

APRIL 23, 2021

Pulse Secure VPN. CISA found that the attacker(s) had access to the enterprise’s network for nearly a year, between March 2020 and February 2021. According to its investigation, the threat actor connected to the entity’s network via a Pulse Secure Virtual Private Network (VPN) appliance. HF 5, 2020.2 Recommendations.

Malware 91

Malware VPN Authentication Passwords 91

Duo's Security Blog

FEBRUARY 16, 2022

million, according to IBM and the Ponemon Institute’s Cost of Data Breach Report 2021. million, according to IBM and the Ponemon Institute’s Cost of Data Breach Report 2021. The costs that follow a data breach are trending upward year over year. Data breach costs rose from $3.86 million to $4.24 Data breach costs rose from $3.86

Retail 96

Retail Cybersecurity Data breaches Passwords 96

SecureWorld News

JULY 27, 2021

Ensure that old VPN remote access systems are taken down when new ones are instituted.". Ensure that when it comes to a private company that holds an effective monopoly and a bottleneck over critical infrastructure with national security implications, that company does not use VPN remote access with lax security measures.".

Ransomware 98

Ransomware Authentication VPN Cybersecurity 98

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting. Enforce MFA on all VPN connections [ D3-MFA ].

Telecommunications 96

Telecommunications Authentication Passwords Accountability 96

SC Magazine

JULY 7, 2021

Following that, VSA clients need to restrict access to a corporate LAN or VPN. The three that had not been patched are a credentials leak and business logic flaw (CVE-2021-30116), a cross-site scripting vulnerability (CVE-2021-30119) and a two-factor identification vulnerability (CVE-2021-30120).

Ransomware 112

Ransomware VPN Media Authentication 112