Security Affairs

NOVEMBER 21, 2024

Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 111

Cybercrime Identity Theft Cryptocurrency Phishing 111

Zero Day

JUNE 6, 2025

Collectively, they could easily put affected customers at risk for account takeovers and identity theft. Affecting "nearly all AT&T cellular customers," the company said at the time that the data included phone numbers and certain phone call data stemming from May 1, 2022, to October 31, 2022, and on January 2, 2023.

Password Management 128

Password Management Passwords Artificial Intelligence Software 128

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. The flaw CVE-2023-46805 (CVSS score 8.2) In December 2023, Volexity investigated an attack where an attacker was placing webshells on multiple internal and external-facing web servers.

VPN 129

VPN Authentication Small Business Telecommunications 129

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. The flaw CVE-2023-46805 (CVSS score 8.2) In December 2023, Volexity investigated an attack where an attacker was placing webshells on multiple internal and external-facing web servers.

VPN 129

VPN Malware Authentication Small Business 129

Krebs on Security

JUNE 15, 2023

” Meanwhile, this week we learned more details about the ongoing exploitation of a zero-day flaw in a broad range of virtual private networking (VPN) products made by Fortinet — devices many organizations rely on to facilitate remote network access for employees. “Patch your #Fortigate.” “Patch your #Fortigate.”

Risk 279

Risk VPN Internet Internet 279

Malwarebytes

OCTOBER 11, 2023

In other news, both LockBit and the Akira ransomware gang, the latter of which has tallied 125 victims since we first began tracking them in April 2023, were confirmed last month to be exploiting a specific zero-day flaw ( CVE-2023-20269 ) in Cisco VPN appliances. In September, they had a staggering 53 victims.

Ransomware 137

Ransomware Social Engineering Backups Engineering 137

The Last Watchdog

SEPTEMBER 26, 2023

26, 2023 — The Internet Infrastructure Coalition (i2Coalition) launched the VPN Trust Initiative (VTI) in 2020 to establish a baseline for how virtual private network (VPN) providers should operate. For more detailed information on each of these principles and how to get the VPN Trust Seal, please visit the VTI website.

VPN 100

VPN Internet Internet Technology 100

Security Affairs

AUGUST 22, 2023

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate.

VPN 98

VPN Ransomware Hacking Education 98

Security Affairs

SEPTEMBER 18, 2023

Software development company Retool was the victim of a smishing attack that resulted in the compromise of 27 accounts of its cloud customers. Software development company Retool revealed that 27 accounts of its cloud customers were compromised as a result of an SMS-based social engineering attack. ” continues the company.

Accountability 138

Accountability Social Engineering Authentication VPN 138

Zero Day

JUNE 17, 2025

PT kontekbrothers/Getty We've probably all received confirmation codes sent via text message when trying to sign into an account. Those codes are supposed to serve as two-factor authentication to confirm our identity and prevent scammers from accessing our accounts through a password alone.

Authentication 107

Authentication Password Management Small Business Passwords 107

Security Affairs

SEPTEMBER 8, 2023

A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. “This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features.

Ransomware 145

Ransomware VPN Authentication Hacking 145

Security Affairs

JANUARY 10, 2025

The group exploited vulnerabilities in networking equipment, including CVE-2023-28461 (Array Networks), CVE-2023-27997 (Fortinet), and CVE-2023-3519 (Citrix). Campaign B (2023): Exploited software vulnerabilities in networking devices, focusing on semiconductor, manufacturing, and aerospace sectors. VS Code).

Antivirus 77

Antivirus Malware System Administration Technology 77

Security Affairs

FEBRUARY 1, 2024

CISA also warned to continue to audit privilege-level access accounts. In early January, the software firm reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. 20240126.5.xml”

VPN 131

VPN Authentication Software Malware 131

Malwarebytes

FEBRUARY 19, 2025

With stolen passwords, the impact is even broader; hackers could wire funds from a breached online banking account into their own, or masquerade as someone on social media to ask friends and family for money. Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts.

Malware 127

Malware Software Passwords Cryptocurrency 127

eSecurity Planet

SEPTEMBER 5, 2023

August 28, 2023 Ransomware Group Exploits Citrix NetScaler Vulnerability In July, Citrix released a patch for a critical remote code execution vulnerability ( CVE-2023-3519 ), which affected the company’s NetScaler ADC and NetScaler Gateway products and carried a severity rating of 9.8 out of 10 on the CVSS vulnerability scale.

VPN 104

VPN Authentication Ransomware Antivirus 104

Security Affairs

AUGUST 31, 2023

. “Cisco is aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations, and we have observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users.”

Authentication 138

Authentication Ransomware VPN Hacking 138

Krebs on Security

APRIL 18, 2023

Riley Kilmer is co-founder of Spur.us , a company that tracks thousands of VPN and proxy networks, and helps customers identify traffic coming through these anonymity services. In January 2023, the Faceless service website said it was willing to pay for information about previously undocumented security vulnerabilities in IoT devices.

Malware 305

Malware Passwords Accountability Advertising 305

SecureList

OCTOBER 29, 2024

Patch management issues The vulnerability patching process typically takes time for a variety of reasons: from actual patch release all the way to identifying vulnerable assets and “properly” patching them, considering any pre-existing asset inventory and whether the accountable personnel will learn about the vulnerability in time.

Risk 110

Risk Antivirus Accountability Malware 110

Webroot

JUNE 17, 2025

Fewer than 1 in 3 travelers (31%) protect their data with a virtual private network (VPN) when traveling internationally. Fraud rates in sectors associated with the early stages of trip planning increased more than 12% between 2023 and 2024. Thieves often access loyalty accounts with credentials stolen in a data breach.

VPN 82

VPN Scams Computers and Electronics Phishing 82

Krebs on Security

APRIL 20, 2023

In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines where the app was installed. Microsoft Corp.

Malware 331

Malware Software Technology Accountability 331

Security Affairs

JUNE 22, 2023

The proof-of-concept (PoC) exploit code for high-severity vulnerability (CVE-2023-20178) in Cisco AnyConnect Secure was published online. The client update process is executed after a successful VPN connection is established.” This behaviour can be abused to perform arbitrary file delete as NT AuthoritySYSTEM account.”

VPN 98

VPN Mobile Software Authentication 98

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 98

VPN Authentication Mobile Firewall 98

Zero Day

JUNE 22, 2025

Here's how to check if your accounts are at risk and what to do next. Also:   The best VPN services right now   Further, Cybernews blamed other media outlets for claiming that Facebook, Google, and Apple credentials were leaked.

Passwords 97

Passwords Data breaches Password Management Accountability 97

Security Affairs

OCTOBER 6, 2023

Cisco addressed a critical Static Credentials Vulnerability, tracked as CVE-2023-20101, impacting Emergency Responder. Cisco released security updates to address a critical vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), impacting Emergency Responder. ” reads the advisory published by Cisco.

Accountability 132

Accountability VPN Hacking Software 132

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 95

VPN Authentication Mobile Firewall 95

eSecurity Planet

JUNE 13, 2023

Microsoft’s Patch Tuesday for June 2023 addresses 78 vulnerabilities, a significant increase from last month’s total of 37. The six critical vulnerabilities are as follows: CVE-2023-24897 , a remote code execution vulnerability in.NET,NET Framework, and Visual Studio, with a CVSS score of 7.8 is also worth noting.

Accountability 98

Accountability VPN Software Engineering 98

Krebs on Security

MAY 23, 2024

But by all accounts, few attacks from those gangs have come close to the amount of firepower wielded by a pro-Russia group calling itself “ NoName057(16).” is a company that tracks VPNs and proxy services worldwide. “And at least two of them explained that Stark offered them free VPN services that they were reselling.”

DDOS 334

DDOS Internet Internet Government 334

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 132

VPN Cybercrime Ransomware Hacking 132

Zero Day

JUNE 6, 2025

One of the cases with probable Chinese origins, for example, found ChatGPT accounts generating social media posts in English, Chinese, and Urdu. What the report found In each of the 10 cases outlined in the new report, OpenAI outlined how it detected and addressed the problem.

Artificial Intelligence 95

Artificial Intelligence Password Management Small Business Passwords 95

SecureList

DECEMBER 19, 2024

The targeted company employs this technology to allow employees to download specific policies to their corporate devices, granting them secure access to the Fortinet VPN. Filesystem artifacts confirmed the execution of remote monitoring and management (RMM) tools, such as ScreenConnect and AnyDesk. FCEMSMSSQLLogERRORLOG.X.

Internet 106

Internet Internet Passwords Accountability 106

Malwarebytes

JULY 21, 2023

This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by August 9, 2023 to protect their networks against active threats. The actively exploited CVE patched in this update is CVE-2023-3519 a Citrix NetScaler ADC and NetScaler Gateway code injection vulnerability with a CVSS score of 9.8

Authentication 98

Authentication VPN Cybercrime Cybersecurity 98

Zero Day

JUNE 20, 2025

Here's how to check if your accounts are at risk and what to do next. Also:   The best VPN services right now   Further, Cybernews blamed other media outlets for claiming that Facebook, Google, and Apple credentials were leaked. Close Home Tech Security Heard about the 16 billion passwords leak?

Passwords 89

Passwords Data breaches Password Management Identity Theft 89

The Last Watchdog

JANUARY 3, 2023

At the start of 2023, consumers remain out in the cold when it comes to online protection. Since many people use the same passwords across social media platforms and for sites for banks or credit cards, a criminal needs access to just one account to gain access to every account. Related: Leveraging employees as human sensors.

Risk 203

Risk Cybersecurity Antivirus Phishing 203

Identity IQ

DECEMBER 20, 2023

2023: A Year of Record-Breaking Data Breaches IdentityIQ This past year has been an eye-opening year in the realm of digital security. Here, we review the largest data breaches of 2023, analyze the trends, and review proactive measures to navigate the future of security. But the ramifications extend far beyond individual suffering.

Data breaches 90

Data breaches Identity Theft Cybercrime Social Engineering 90

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 141

Ransomware Encryption Antivirus Architecture 141

Zero Day

JUNE 19, 2025

PT NurPhoto / Contributor/Getty For all of us who hate passwords, passkeys represent a simpler and safer way of authenticating online accounts. But the passkey won't be limited to your actual Facebook account. Written by Lance Whitney, Contributor June 19, 2025 at 12:30 a.m.

Passwords 71

Passwords Password Management Small Business Mobile 71

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

Firewall 98

Firewall Firmware VPN Authentication 98