2023, Malware and VPN - Cyber Security Informer

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN

VPN Authentication Ransomware Risk

J-magic malware campaign targets Juniper routers

Security Affairs

JANUARY 24, 2025

It activates upon detecting a “magic packet” with predefined parameters, enabling attackers to establish a reverse shell, control devices, steal data, or deploy malware. Earliest evidence dates to September 2023, but the experts have yet to determine the initial access method.

Malware

Malware VPN Encryption Hacking

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

The Hacker News

MAY 3, 2025

The activity, which lasted from at least May 2023 to February 2025, entailed "extensive espionage operations and suspected network prepositioning a tactic often used to maintain persistent access for future

VPN

VPN Malware

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware.

VPN

VPN Government Malware Manufacturing

Veeam Backup & Replication exploit reused in new Frag ransomware attack

Security Affairs

NOVEMBER 9, 2024

In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software.

Backups

Backups Ransomware VPN Accountability

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 21

Security Affairs

NOVEMBER 24, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware

Malware Spyware Antivirus VPN

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. Image: spur.us. as a media sharing device on a local network that was somehow exposed to the Internet.

Malware

Malware Passwords Accountability Advertising

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

Quad7 botnet, also known as CovertNetwork-1658 or xlogin, was first spotted in the summer of 2023 by security researcher Gi7w0rm. The botnet operators are targeting multiple SOHO devices and VPN appliances, including TP-LINK, Zyxel, Asus, D-Link, and Netgear, exploiting both known and previously unknown vulnerabilities.

Passwords

Passwords Wireless VPN Accountability

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

But last week, Barracuda took the highly unusual step of offering to replace compromised ESGs , evidently in response to malware that altered the systems in such a fundamental way that they could no longer be secured remotely with software updates. “They sold so many VPNs through the pandemic and this is the hangover,” Gray said.

Risk

Risk VPN Internet Internet

Macs targeted by info stealers in new era of cyberthreats

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware

Malware Software Passwords Cryptocurrency

US authorities have indicted Black Kingdom ransomware admin

Security Affairs

MAY 4, 2025

“According to the indictment, from March 2021 to June 2023, Ahmed and others infected computer networks of several U.S.-based In June 2020, Black Kingdom ransomware operators started targeting organizations using unpatched Pulse Secure VPN software to deploy their malware. ” reads the press release published by DoJ.

Ransomware

Ransomware Encryption VPN Cryptocurrency

China-linked APT group MirrorFace targets Japan

Security Affairs

JANUARY 10, 2025

The group exploited vulnerabilities in networking equipment, including CVE-2023-28461 (Array Networks), CVE-2023-27997 (Fortinet), and CVE-2023-3519 (Citrix). Campaign A (20192023): Used emails with malware attachments (LODEINFO) to target politicians, media, and government. ” reads the report published by NPA.“This

Antivirus

Antivirus Malware System Administration Technology

France links Russian APT28 to attacks on dozen French entities

Security Affairs

APRIL 30, 2025

. “The analyses of the TTPs used during APT28 campaigns since 2021 and the recommendations published in October of 2023 remain relevant and may be consulted on the website of the CERT-FR” APT28’s attack chain begins with phishing and brute-force attacks, along with zero-day exploitation (e.g. CVE-2023-23397 ).

Government

Government Phishing DNS VPN

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Image: Mandiant.

Malware

Malware Software Technology Accountability

86 million AT&T customer records reportedly up for sale on the dark web

Zero Day

JUNE 6, 2025

X Trending Memorial Day tech sales 2025 Memorial Day TV sales 2025 Memorial Day lawn & outdoor sales 2025 Memorial Day phone sales 2025 Memorial Day health tracker sales 2025 Memorial Day headphone sales 2025 Memorial Day laptop sales 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best (..)

Password Management

Password Management Passwords Software Artificial Intelligence

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

A cyberattack on the Virginia Attorney Generals Office forced officials to shut down IT systems, including email and VPN, and revert to paper filings. The Cloak ransowmare group has been active since at least 2023 and breached more than one hundred organizations across the years. ” reads a report published by Halcyon.

Ransomware

Ransomware Hacking Social Engineering Manufacturing

U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 7, 2025

According to Google GTIG, threat actor UNC5221 exploited the flaw since March 2025 to deploy TRAILBLAZE and BRUSHFIRE malware, along with SPAWN malware. Following successful exploitation, we observed the deployment of two newly identified malware families, the TRAILBLAZE in-memory only dropper and the BRUSHFIRE passive backdoor.

Malware

Malware Cybersecurity Hacking Software

Apple quietly makes running Linux containers easier on Macs

Zero Day

JUNE 13, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Energy and Utilities Artificial Intelligence

Fog Ransomware Exploits Legitimate Monitoring Software in Sophisticated Attacks

SecureWorld News

JUNE 12, 2025

Fog was first identified in May 2023, when it was seen exploiting stolen VPN credentials to gain access to enterprise networks. More recently, Fog has been linked to attacks exploiting vulnerabilities in Veeam Backup & Replication (VBR) servers and SonicWall SSL VPN endpoints.

Software

Software Ransomware VPN Surveillance

Why SMS two-factor authentication codes aren't safe and what to use instead

Zero Day

JUNE 17, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Authentication

Authentication Password Management Small Business Passwords

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Penetration Testing

JUNE 15, 2025

Skip to content June 16, 2025 Linkedin Twitter Facebook Youtube Daily CyberSecurity Primary Menu Home Cyber Criminals Cyber Security Data Leak Linux Malware Vulnerability Submit Press Release Vulnerability Report Windows Search for: Home News Vulnerability Report Critical Blink Router Flaws (CVSS 9.8)

Firmware

Firmware DNS Penetration Testing Malware

Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses

SecureList

OCTOBER 29, 2024

Moreover, exploitation of a public-facing application was the root cause in 42.37% of cases investigated by the Kaspersky Global Emergency Response Team (GERT) in 2023. Check the consultant’s laptop for malware. Outdated malware signatures. Collect a forensic triage package from the consultant’s laptop.

Risk

Risk Antivirus Accountability Malware

How global threat actors are weaponizing AI now, according to OpenAI

Zero Day

JUNE 6, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Artificial Intelligence

Artificial Intelligence Password Management Small Business Passwords

Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 15, 2025

custody in exchange for Marc Fogel North Korea-linked APT Emerald Sleet is using a new tactic U.S.

Spyware

Spyware Firewall Artificial Intelligence Malware

Here's why network infrastructure is vital to maximizing your company's AI adoption

Zero Day

JUNE 14, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Artificial Intelligence

Artificial Intelligence Password Management Small Business Digital transformation

GUEST ESSAY: A new year, a familiar predicament — consumers face intensifying cybersecurity risks

The Last Watchdog

JANUARY 3, 2023

At the start of 2023, consumers remain out in the cold when it comes to online protection. Criminals who can infiltrate your children’s device through things like ‘free’ games, ringtones or other files that hide malware, can gain access to your entire family’s devices. Related: Leveraging employees as human sensors.

Risk

Risk Cybersecurity Antivirus Phishing

Tips to make your summer travels cyber safe

Webroot

JUNE 17, 2025

Fewer than 1 in 3 travelers (31%) protect their data with a virtual private network (VPN) when traveling internationally. Fraud rates in sectors associated with the early stages of trip planning increased more than 12% between 2023 and 2024. As soon as you start booking your trip, the cybercriminals start circling.

VPN

VPN Scams Computers and Electronics Phishing

Hacktivist group Twelve is back and targets Russian entities

Security Affairs

SEPTEMBER 22, 2024

The hacktivist group Twelve has been active since at least April 2023, it was formed in the wake of the conflict between Russia and Ukraine. The group relies on publicly available tools and malware, making it possible to detect and prevent Twelve’s attacks in due time.

VPN

VPN Encryption Hacking Ransomware

Patch your Windows PC now before bootkit malware takes it over - here's how

Zero Day

JUNE 11, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Malware

Malware Password Management Small Business Artificial Intelligence

Hacking campaign compromised at least 16 Chrome browser extensions

Security Affairs

DECEMBER 31, 2024

One of the victims of this campaign is the cybersecurity firm Cyberhaven, on December 24 attackers published a malware-laced version of their Chrome extension. The malicious code allowed attackers to steal cookies and access tokens. The attacker used these credentials to publish a malicious version of our Chrome extension (version 24.10.4).”

Hacking

Hacking Phishing VPN Malware

Your Android phone just got a big upgrade for free - these Pixel models included

Zero Day

JUNE 17, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Artificial Intelligence Software

Privacy Roundup: Week 7 of Year 2025

Security Boulevard

FEBRUARY 17, 2025

Privacy Services Mullvad has partnered with Obscura VPN Mullvad Mullvad announces its partnership with ObscuraVPN; Mullvad WireGuard VPN servers can be used as the exit hop for the two-party VPN service offered by ObscuraVPN. Malware campaigns covered generally target/affect the end user.

Surveillance

Surveillance Data breaches VPN Malware

Facebook's new passkey support could let you ditch your password once and for all

Zero Day

JUNE 19, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Passwords

Passwords Password Management Small Business Mobile

Apple Intelligence is getting more languages - and AI-powered translation

Zero Day

JUNE 9, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Artificial Intelligence

Artificial Intelligence Password Management Small Business Digital transformation

The iPad I recommend to most users is only $299 right now

Zero Day

JUNE 14, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Small Business

Small Business Password Management Artificial Intelligence Software

Your Android phone just got a major feature upgrade for free - including these Pixel models

Zero Day

JUNE 13, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Artificial Intelligence Software

Yet another European government is ditching Microsoft for Linux - here's why

Zero Day

JUNE 16, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Government

Government Password Management Small Business Software

ChatGPT can now connect to MCP servers - here's how, and what to watch for

Zero Day

JUNE 17, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Artificial Intelligence

Artificial Intelligence Password Management Small Business Digital transformation

Is this the end of Intel-based Macs? Apple confirms bittersweet update policy for MacOS

Zero Day

JUNE 9, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Artificial Intelligence Digital transformation

I found a Linux distro that combines the best parts of other operating systems (and it works)

Zero Day

JUNE 13, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Energy and Utilities Artificial Intelligence

Get a Google Pixel 9a and Pixel Buds A-Series on T-Mobile - here's how it works

Zero Day

JUNE 11, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Mobile

Mobile Password Management Small Business Retail

Is your Pixel glitchy after Android 16? Here's the best workaround we've found so far

Zero Day

JUNE 17, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Artificial Intelligence Digital transformation

Forget Ray-Bans: The $499 Meta Oakley smart glasses are better in almost every way

Zero Day

JUNE 20, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Wyze wants to keep prying eyes away from your cameras with this new feature

Zero Day

JUNE 20, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

J-magic malware campaign targets Juniper routers

Trending Sources

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

China’s Volt Typhoon botnet has re-emerged

Veeam Backup & Replication exploit reused in new Frag ransomware attack

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 21

Giving a Face to the Malware Proxy Service ‘Faceless’

Chinese threat actors use Quad7 botnet in password-spray attacks

CISA Order Highlights Persistent Risk at Network Edge

Macs targeted by info stealers in new era of cyberthreats

US authorities have indicted Black Kingdom ransomware admin

China-linked APT group MirrorFace targets Japan

France links Russian APT28 to attacks on dozen French entities

3CX Breach Was a Double Supply Chain Compromise

86 million AT&T customer records reportedly up for sale on the dark web

Cloak ransomware group hacked the Virginia Attorney General’s Office

U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

Apple quietly makes running Linux containers easier on Macs

Fog Ransomware Exploits Legitimate Monitoring Software in Sophisticated Attacks

Why SMS two-factor authentication codes aren't safe and what to use instead

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses

How global threat actors are weaponizing AI now, according to OpenAI

Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

Here's why network infrastructure is vital to maximizing your company's AI adoption

GUEST ESSAY: A new year, a familiar predicament — consumers face intensifying cybersecurity risks

Tips to make your summer travels cyber safe

Hacktivist group Twelve is back and targets Russian entities

Patch your Windows PC now before bootkit malware takes it over - here's how

Hacking campaign compromised at least 16 Chrome browser extensions

Your Android phone just got a big upgrade for free - these Pixel models included

Privacy Roundup: Week 7 of Year 2025

Facebook's new passkey support could let you ditch your password once and for all

Apple Intelligence is getting more languages - and AI-powered translation

The iPad I recommend to most users is only $299 right now

Your Android phone just got a major feature upgrade for free - including these Pixel models

Yet another European government is ditching Microsoft for Linux - here's why

ChatGPT can now connect to MCP servers - here's how, and what to watch for

Is this the end of Intel-based Macs? Apple confirms bittersweet update policy for MacOS

I found a Linux distro that combines the best parts of other operating systems (and it works)

Get a Google Pixel 9a and Pixel Buds A-Series on T-Mobile - here's how it works

Is your Pixel glitchy after Android 16? Here's the best workaround we've found so far

Forget Ray-Bans: The $499 Meta Oakley smart glasses are better in almost every way

Wyze wants to keep prying eyes away from your cameras with this new feature

Stay Connected