Security Affairs

NOVEMBER 3, 2024

In September 2024, the Sekoia TDR team reported it had identified additional implants associated with the Quad7 botnet operation. The botnet operators are targeting multiple SOHO devices and VPN appliances, including TP-LINK, Zyxel, Asus, D-Link, and Netgear, exploiting both known and previously unknown vulnerabilities.

Passwords 134

Passwords Wireless VPN Accountability 134

Troy Hunt

FEBRUARY 25, 2025

By doing dumb stuff like this: “Around October I downloaded a pirated version of Adobe AE and after that a trojan got into my pc” pic.twitter.com/igEzOayCu6 — Troy Hunt (@troyhunt) August 5, 2024 So now this guy has malware running on his PC which is siphoning up all his credentials as they're entered into websites.

Passwords 362

Passwords Accountability VPN Malware 362

Security Affairs

FEBRUARY 20, 2025

NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024. The Orange Cyberdefense CERT investigated four attackers with a similar initial access vector consisting of thecompromise of a Check Point VPN appliance. ” reads the advisory Check Point Security Gateways.

Healthcare 87

Healthcare Ransomware VPN Malware 87

Security Affairs

MAY 29, 2024

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919 , which is actively being exploited in attacks in the wild.

VPN 126

VPN Authentication Passwords Accountability 126

Security Affairs

OCTOBER 29, 2024

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access. 5035 and older versions.

VPN 98

VPN Ransomware Firewall Internet 98

Security Affairs

APRIL 16, 2024

Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 141

VPN Firewall Authentication Hacking 141

Krebs on Security

MAY 28, 2024

911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.

VPN 301

VPN Banking Cybercrime Internet 301

Security Affairs

OCTOBER 11, 2024

Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software.

Backups 131

Backups Ransomware VPN Authentication 131

Security Affairs

NOVEMBER 25, 2024

Zyxel warns that a ransomware gang has been observed exploiting a recently patched command injection vulnerability, tracked as CVE-2024-42057, in its firewalls for initial compromise. for ATP, USG FLEX, and USG FLEX 50(W)/USG20(W)-VPN series. for ATP, USG FLEX, and USG FLEX 50(W)/USG20(W)-VPN series. .”

Firewall 75

Firewall Ransomware VPN Firmware 75

Security Affairs

MARCH 14, 2025

The threat actor exploited CVE-2024-55591 and CVE-2025-24472 in FortiOS and FortiProxy to gain super-admin access on vulnerable Fortinet appliances. “CVE-2024-55591 and CVE-2025-24472 allow unauthenticated attackers to gain super_admin privileges on vulnerable FortiOS devices (<7.0.16) with exposed management interfaces.”

Firewall 67

Firewall Ransomware VPN Encryption 67

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. The second flaw, tracked as CVE-2024-21887 (CVSS score 9.1) CVE-2024-21887 – a command-injection vulnerability found into multiple web components with a CVSS score of 9.1″

VPN 129

VPN Authentication Small Business Telecommunications 129

eSecurity Planet

OCTOBER 28, 2024

October 21, 2024 VMware Re-Patches September Vulnerability Type of vulnerability: Heap overflow and privilege escalation. This vulnerability is tracked as CVE-2024-38812 and has a base score of 9.8. October 22, 2024 Samsung Zero-Day Could Allow Privilege Escalation Type of vulnerability: Use-after-free. base score.

Phishing 102

Phishing Authentication Software VPN 102

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. The second flaw, tracked as CVE-2024-21887 (CVSS score 9.1) The flaw CVE-2023-46805 (CVSS score 8.2) is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x,

VPN 129

VPN Malware Authentication Small Business 129

Security Affairs

NOVEMBER 21, 2024

Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 111

Cybercrime Identity Theft Cryptocurrency Phishing 111

Malwarebytes

FEBRUARY 19, 2025

And in 2024, one malicious program in particular is responsible for the lions share of info stealer activityracking up 70% of known info stealer detections on Mac. Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts.

Malware 137

Malware Software Passwords Cryptocurrency 137

SecureList

NOVEMBER 23, 2023

Cybercriminals continued targeting gamers’ accounts filled with valuable in-game items or giving access to games on several devices, and often used in-game currency to lure victims to participate in their scams. Unfortunately, this ambiguity sets the stage for an anticipated increase in charity-related scams in 2024.

VPN 133

VPN Scams Education Internet 133

Webroot

MARCH 3, 2025

The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide. As of 2024, the average cost of a data breach in the United States amounted to $9.36 Secure payment methods Ensure safe processing of financial transactions.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Affairs

FEBRUARY 1, 2024

The CISA’s emergency directive orders to disconnect all instances no later than 11:59PM on Friday February 2, 2024. “As soon as possible and no later than 11:59PM on Friday February 2, 2024, disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure solution products from agency networks.”

VPN 131

VPN Authentication Software Malware 131

The Hacker News

OCTOBER 14, 2024

Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware. CVE-2024-40711, rated 9.8 out of 10.0

Ransomware 139

Ransomware Backups VPN Accountability 139

SecureWorld News

MAY 28, 2024

Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company has warned in a new advisory. In light of these events, we have been monitoring attempts to gain unauthorized access to VPNs of Check Point's customers.

VPN 109

VPN Passwords Authentication Architecture 109

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. Cloud services alerts increased by 20% due to rising cloud account usage, while malicious file alerts in phishing attacks remain high, exploiting users’ tendencies to open files.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Digital Shadows

JANUARY 14, 2025

Key Findings The last quarter of 2024 proved to be a pivotal period for ransomware activity, marked by emerging threats and unexpected shifts among established groups. In our Q3 2024 ransomware report , we predicted activity would reach its peak in the last quarter of the year.

Ransomware 126

Ransomware Social Engineering Phishing Manufacturing 126

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. This method poses a risk of exposing sensitive data or enabling fraudulent activities.

VPN 140

VPN Accountability Firewall Data breaches 140

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 70

Spyware Data breaches DNS Artificial Intelligence 70

Security Affairs

JUNE 6, 2025

” Maxim Rudometov has been closely involved with the RedLine infostealer operation, regularly managing its technical infrastructure and handling cryptocurrency accounts used to receive and launder payments. Use a password manager : Simplifies managing strong, unique passwords across accounts. ” continues the announcement.

Malware 81

Malware Passwords Identity Theft Accountability 81

Webroot

MAY 9, 2025

Little do you know, clicking that link could open the door for scammers to steal your identity, empty your bank account, or even plant malicious software (malware) on your device. The goal is to get you to give up sensitive personal details that can be used to hack into your accounts, and they are alarmingly successful.

Scams 72

Scams Mobile Banking VPN 72

Security Affairs

JANUARY 10, 2025

Between 2019 and 2024, the MirrorFace group launched three cyber campaigns targeting Japanese think tanks, government, academia, and key industries. Campaign C (2024): Delivered malware (ANEL) via email links, targeting academia and think tanks, evolving to abuse Visual Studio Code. ” reads the report published by NPA.“This

Antivirus 77

Antivirus Malware System Administration Technology 77

Zero Day

JUNE 6, 2025

Collectively, they could easily put affected customers at risk for account takeovers and identity theft. The records are being linked to the same ones compromised by cybercriminals in a data breach that AT&T announced in July of 2024. million former account holders. million existing AT&T subscribers and 65.4

Password Management 98

Password Management Passwords Artificial Intelligence Software 98

Security Affairs

AUGUST 28, 2024

Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. The flaw CVE-2024-37085 (CVSS score of 6.8) BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisors vulnerability in recent attacks.

Ransomware 128

Ransomware Authentication Encryption Manufacturing 128

eSecurity Planet

JANUARY 29, 2024

Internet security best practices mandate unique credentials for each online account; doing so would be impossible without a solid password manager like Dashlane. You can also set up compromised password alerts that will proactively look for leaked passwords or vulnerable accounts across your company. You can unsubscribe at any time.

Password Management 109

Password Management Passwords Authentication Accountability 109

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Privacy Compliance: By 2024, 40% of privacy tools will rely on AI, highlighting its expanding role in ensuring data privacy and meeting regulations. RaaS usage is expected to increase by 25% in 2024.

Social Engineering 142

Social Engineering Cyber Attacks Cyber Insurance IoT 142

Krebs on Security

APRIL 20, 2023

Mandiant found the earliest evidence of compromise uncovered within 3CX’s network was through the VPN using the employee’s corporate credentials, two days after the employee’s personal computer was compromised. Microsoft Corp.

Malware 331

Malware Software Technology Accountability 331

eSecurity Planet

AUGUST 20, 2024

A virtual private network (VPN) is a great way to increase your online security. Bitdefender, an industry leader in cybersecurity, created this VPN service to protect your information from malicious actors, online ads, and hackers. Once the User Account Control dialog box appears, choose Yes.

VPN 57

VPN Accountability Antivirus Passwords 57

Security Affairs

JANUARY 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN 132

VPN Cybercrime Ransomware Hacking 132

SecureList

DECEMBER 19, 2024

The targeted company employs this technology to allow employees to download specific policies to their corporate devices, granting them secure access to the Fortinet VPN. Countries targeted by additional malicious activity on October 23, 2024 ( download ) Three requests originated from the same IP address 135.XXX.XX.47

Internet 107

Internet Internet Passwords Accountability 107

SecureList

SEPTEMBER 3, 2024

The code was inserted in February and March 2024, mostly by Jia Cheong Tan – probably a fictitious identity. The XZ compromise was assigned the identifier CVE-2024-3094 and the maximum severity level of 10. The threat actor also made use of the server utility (VPN Server) from the SoftEther VPN package for tunneling.

Malware 111

Malware Passwords Ransomware Encryption 111

eSecurity Planet

SEPTEMBER 3, 2024

It includes Hotspot Shield VPN, which enhances your online privacy. While Hotspot Shield may not be the top VPN on the market, it provides satisfactory performance, with download speeds of 95% in Australia and 92% in the US. Once you’ve created your account and generated your master password, then you’re done! per month.

Password Management 104

Password Management Passwords Encryption VPN 104