Security Affairs

APRIL 12, 2021

Pulse Secure VPN users were not able to login due to the expiration of a code signing certificate used to digitally sign and verify software components. Pulse Secure VPN users were not able to login after a code signing certificate used to digitally sign and verify software components has expired. Pierluigi Paganini.

VPN 107

VPN Software Hacking Information Security 107

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. and Europe.” ” reads the report published by FireEye. and Europe.”

VPN 131

VPN Government Malware Hacking 131

Security Affairs

APRIL 28, 2022

Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities. Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities. SecurityAffairs – hacking, SolarMarker).

Software 145

Software VPN Cybersecurity Internet 145

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. The vulnerability is a buffer overflow issue in Pulse Connect Secure Collaboration Suite prior b9.1R11.4 A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 108

VPN Government Authentication Cybersecurity 108

Security Affairs

AUGUST 19, 2021

Cisco has no plan to fix a critical code execution flaw (CVE-2021-34730) in small business RV110W, RV130, RV130W, and RV215W routers. Cisco has no plan to address a critical code execution vulnerability, tracked as CVE-2021-34730, that affects small business RV110W, RV130, RV130W, and RV215W routers. Pierluigi Paganini.

Small Business 111

Small Business Wireless VPN Firewall 111

Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions. Pierluigi Paganini.

VPN 111

VPN Firewall Firmware Authentication 111

Security Affairs

MAY 25, 2021

A flaw in Pulse Connect Secure VPN could allow an authenticated remote attacker to execute arbitrary code with elevated privileges. Ivanti addressed a high severity Buffer Overflow vulnerability in Secure VPN appliances that could allow a remote authenticated attacker to execute arbitrary code with elevated privileges.

VPN 100

VPN Authentication Hacking Software 100

Security Affairs

JANUARY 1, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. 2020 VPN series running firmware ZLD V4.60 Patch1 in April 2021 NXC5500 V6.10 Patch1 in April 2021. 2020 VPN series running firmware ZLD V4.60 Patch1 in April 2021 NXC5500 V6.10 Patch1 in April 2021.

Firewall 140

Firewall VPN Firmware Passwords 140

Security Affairs

JANUARY 18, 2022

Microsoft released Windows emergency out-of-band (OOB) updates to fix multiple issues caused by January 2021 Patch Tuesday updates. Microsoft has released emergency out-of-band (OOB) updates for Windows to address multiple issues caused by security updates issued as part of the January 2021 Patch Tuesday. Pierluigi Paganini.

VPN 99

VPN Media Hacking Information Security 99

Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. ” Kaspersky spotted the activity of the group by investigating two weaponized documents that were uploaded to VirusTotal in July 2020 and March 2021. .

VPN 125

VPN Internet Internet Software 125

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. mike [link] pic.twitter.com/fkU2USEZis — Swisscom CSIRT (@swisscom_csirt) January 26, 2021. SecurityAffairs – hacking, Fortinet VPN). ” continues Kaspersky.

VPN 98

VPN Ransomware Antivirus Firmware 98

Security Affairs

JANUARY 1, 2022

Which are the most-read cyber stories of 2021? The popular whistleblower Edward Snowden recommends customers of ExpressVPN VPN service to stop using it. The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. Accenture has been hit by a LockBit 2.0

Hacking 97

Hacking VPN Passwords Ransomware 97

Security Affairs

SEPTEMBER 22, 2021

CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. Security experts from consulting firm GRIMM have discovered a vulnerability in Small Offices/Home Offices (SOHO) Netgear routers that could be exploited by a remote attacker to execute arbitrary code as root.

DNS 129

DNS Firmware VPN Risk 129

Security Affairs

JULY 6, 2021

Positive Technologies researcher Nikita Abramov has provided details about the CVE-2021-20026 command injection vulnerability that affects SonicWall’s Network Security Manager (NSM) product. reads the security advisory published by SonicWall. .” SecurityAffairs – hacking, SonicWall NSM). Pierluigi Paganini.

Authentication 111

Authentication Network Security VPN Firewall 111

Security Affairs

AUGUST 25, 2023

Microsoft has not observed The group has been active since mid-2021, it focuses on government agencies and education, critical manufacturing, and information technology organizations in Taiwan. The state sponsored hackers also uses the VPN access to scan for vulnerabilities in targeted organizations.

VPN 82

VPN Manufacturing Education Hacking 82

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 98

Artificial Intelligence VPN Hacking Firewall 98

Security Affairs

JULY 28, 2021

The cybersecurity agencies warn of attacks aimed at exploiting flaws in VPN appliances, network equipment and enterprise cloud applications from multiple vendors, including Atlassian, Citrix. “Four of the most targeted vulnerabilities in 2020 affected remote work, VPNs, or cloud-based technologies. . Pierluigi Paganini.

VPN 134

VPN Cybersecurity Hacking Technology 134

Security Affairs

AUGUST 29, 2021

Taiwan vendor Synology announced that recently disclosed vulnerabilities (CVE-2021-3711 and CVE-2021-3712) in the OpenSSL impact some of its products. Moderate Ongoing VPN Plus Server Important Ongoing VPN Server Moderate Ongoing. Moderate Ongoing VPN Plus Server Important Ongoing VPN Server Moderate Ongoing.

VPN 121

VPN Encryption Authentication Hacking 121

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware 203

Malware VPN Internet Internet 203

Security Affairs

JULY 8, 2021

The experts reported the flaw to the software vendor in February 2021 and the company addressed them with the release of Sage X3 Version 9 (Syracuse 9.22.7.2), Sage X3 HR & Payroll Version 9 (Syracuse 9.24.1.3), Sage X3 Version 11 (Syracuse 11.25.2.6), and Sage X3 Version 12 (Syracuse 12.10.2.8). SecurityAffairs – hacking, SAGE).

Hacking 108

Hacking Authentication VPN Software 108

Security Affairs

NOVEMBER 8, 2023

Bluewater Health hospital confirmed that threat actors stole a database containing information on 5.6 Chatham-Kent Health Alliance reported that threat actors had access to data belonging to 1446 employees who worked in the hospital as of February 2021. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware 115

Ransomware Healthcare VPN Insurance 115

Security Affairs

DECEMBER 19, 2022

CVE-2018-0125 (CVSS score of 9.8) – A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. .

Wireless 139

Wireless VPN Software Hacking 139

Security Affairs

AUGUST 26, 2021

Threat actors are targeting Pulse Connect Secure VPN devices exploiting multiple flaws, including CVE-2021-22893 and CVE-2021-22937. CVE-2021-22893 is a buffer overflow issue in Pulse Connect Secure Collaboration Suite prior b9.1R11.4 SecurityAffairs – hacking, Pulse Secure).

Malware 130

Malware VPN Authentication Hacking 130

Security Affairs

SEPTEMBER 8, 2021

The ransomware group has been active since August 2021 and implement a double extortion model like other gangs. SongBird also created a post on the RAMP forum that includes a link to a file containing the Fortinet VPN accounts. SecurityAffairs – hacking, Groove gang). 2,959 out of 22,500 victims are US entities.

VPN 92

VPN Ransomware Hacking Accountability 92

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 84

Firewall VPN Firmware Internet 84

Security Affairs

DECEMBER 10, 2022

Censys researchers warn of more than 4,000 vulnerable Pulse Connect Secure hosts exposed to the Internet. Pulse Connect Secure is a widely-deployed SSL VPN solution for remote and mobile users, for this reason, it is a target of attacks by multiple threat actors. SecurityAffairs – hacking, Pulse). Pierluigi Paganini.

Internet 108

Internet Internet VPN Mobile 108

Security Affairs

SEPTEMBER 8, 2021

Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six virtual private networks (VPNs), Hola!VPN, VPN, ExpressVPN, KeepSolid VPN Unlimited, Nord VPN, Speedify VPN, and IPVanish VPN. SecurityAffairs – hacking, FIN8). Pierluigi Paganini.

VPN 76

VPN Internet Internet Mobile 76

Security Affairs

SEPTEMBER 1, 2021

We will release security updates and provide further information as soon as possible.” ” The two vulnerabilities are CVE-2021-3711 and CVE-2021-3712 , they are respectively a remote code execution (RCE) and denial-of-service (DoS). SecurityAffairs – hacking, QNAP). Important Ongoing DSM 6.2

VPN 86

VPN Encryption Hacking Internet 86

Security Affairs

DECEMBER 14, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware 114

Ransomware Cryptocurrency Cybercrime VPN 114

Security Affairs

AUGUST 3, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, most exploited vulnerabilities ) The post CISA, FBI, and NSA published the list of 12 most exploited vulnerabilities of 2022 appeared first on Security Affairs.

Authentication 84

Authentication VPN Internet Internet 84

Security Affairs

AUGUST 8, 2021

Ivanti fixed a critical code execution issue in Pulse Connect Secure VPN RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna VMware addresses critical flaws in its products CVE-2021-20090 actively exploited to target millions of IoT devices worldwide RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE.

VPN 99

VPN Ransomware Manufacturing IoT 99

Security Affairs

APRIL 9, 2021

According a security advisory published by the company, Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers are affected by Remote Command Execution vulnerability that resides in the Management Interface. The flaw, tracked as CVE-2021-1459, has been rated with a CVSS score of 9.8 SecurityAffairs – hacking, Cisco).

Small Business 129

Small Business Wireless VPN Firewall 129

Security Affairs

DECEMBER 11, 2021

The activity of the group was first spotted in June 2021, but the group has been more active in Q3 2021. In June 2021 the gang registered the domains hosting its leak sites, karakurt[.]group Between September 2021 and November 2021, the group hit over 40 victims across multiple industries. group and karakurt[.]tech,

Cybercrime 79

Cybercrime VPN Ransomware Hacking 79

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An SecurityAffairs – hacking, ransomware).

VPN 86

VPN Firewall Firmware Authentication 86

Security Affairs

DECEMBER 12, 2023

Our researchers believe that the leaked database was likely a production database used for development purposes, as it included customer data, logs, drivers’ personal identifiable information (PII), registration and bank details, as well as passenger order details. The data covered a period from 2018 to 2021.

VPN 121

VPN Accountability Banking Marketing 121

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities 110

Energy and Utilities VPN Manufacturing Firewall 110

Security Affairs

DECEMBER 18, 2022

years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M Pierluigi Paganini.

Data breaches 93

Data breaches Hacking DDOS VPN 93