Security Affairs

FEBRUARY 20, 2025

NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024. The Orange Cyberdefense CERT investigated four attackers with a similar initial access vector consisting of thecompromise of a Check Point VPN appliance. ” reads the advisory Check Point Security Gateways.

Healthcare 84

Healthcare Ransomware VPN Malware 84

Security Affairs

OCTOBER 29, 2024

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access. 5035 and older versions.

VPN 98

VPN Ransomware Firewall Internet 98

Security Affairs

APRIL 16, 2024

Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 139

VPN Firewall Authentication Hacking 139

Krebs on Security

MAY 28, 2024

911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.

VPN 292

VPN Banking Cybercrime Internet 292

Security Affairs

OCTOBER 11, 2024

Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software.

Backups 129

Backups Ransomware VPN Authentication 129

Security Affairs

NOVEMBER 25, 2024

Zyxel warns that a ransomware gang has been observed exploiting a recently patched command injection vulnerability, tracked as CVE-2024-42057, in its firewalls for initial compromise. for ATP, USG FLEX, and USG FLEX 50(W)/USG20(W)-VPN series. for ATP, USG FLEX, and USG FLEX 50(W)/USG20(W)-VPN series. .”

Firewall 73

Firewall Ransomware VPN Firmware 73

Security Affairs

MARCH 14, 2025

The threat actor exploited CVE-2024-55591 and CVE-2025-24472 in FortiOS and FortiProxy to gain super-admin access on vulnerable Fortinet appliances. “CVE-2024-55591 and CVE-2025-24472 allow unauthenticated attackers to gain super_admin privileges on vulnerable FortiOS devices (<7.0.16) with exposed management interfaces.”

Firewall 65

Firewall Ransomware VPN Encryption 65

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. The second flaw, tracked as CVE-2024-21887 (CVSS score 9.1) CVE-2024-21887 – a command-injection vulnerability found into multiple web components with a CVSS score of 9.1″

VPN 127

VPN Authentication Small Business Telecommunications 127

eSecurity Planet

OCTOBER 28, 2024

October 21, 2024 VMware Re-Patches September Vulnerability Type of vulnerability: Heap overflow and privilege escalation. This vulnerability is tracked as CVE-2024-38812 and has a base score of 9.8. October 22, 2024 Samsung Zero-Day Could Allow Privilege Escalation Type of vulnerability: Use-after-free. base score.

Phishing 102

Phishing Authentication Software VPN 102

SecureWorld News

MAY 28, 2024

Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company has warned in a new advisory. In light of these events, we have been monitoring attempts to gain unauthorized access to VPNs of Check Point's customers.

VPN 108

VPN Passwords Authentication Architecture 108

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. The second flaw, tracked as CVE-2024-21887 (CVSS score 9.1) The flaw CVE-2023-46805 (CVSS score 8.2) is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x,

VPN 126

VPN Malware Authentication Small Business 126

Webroot

MARCH 3, 2025

The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide. As of 2024, the average cost of a data breach in the United States amounted to $9.36 Secure payment methods Ensure safe processing of financial transactions.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Affairs

NOVEMBER 21, 2024

Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 109

Cybercrime Identity Theft Cryptocurrency Phishing 109

SecureList

NOVEMBER 23, 2023

Cybercriminals continued targeting gamers’ accounts filled with valuable in-game items or giving access to games on several devices, and often used in-game currency to lure victims to participate in their scams. Unfortunately, this ambiguity sets the stage for an anticipated increase in charity-related scams in 2024.

VPN 130

VPN Scams Education Internet 130

Webroot

MAY 9, 2025

Little do you know, clicking that link could open the door for scammers to steal your identity, empty your bank account, or even plant malicious software (malware) on your device. The goal is to get you to give up sensitive personal details that can be used to hack into your accounts, and they are alarmingly successful.

Scams 72

Scams Mobile Banking VPN 72

Security Affairs

FEBRUARY 1, 2024

The CISA’s emergency directive orders to disconnect all instances no later than 11:59PM on Friday February 2, 2024. “As soon as possible and no later than 11:59PM on Friday February 2, 2024, disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure solution products from agency networks.”

VPN 129

VPN Authentication Software Malware 129

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. Cloud services alerts increased by 20% due to rising cloud account usage, while malicious file alerts in phishing attacks remain high, exploiting users’ tendencies to open files.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Malwarebytes

FEBRUARY 19, 2025

And in 2024, one malicious program in particular is responsible for the lions share of info stealer activityracking up 70% of known info stealer detections on Mac. Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts.

Malware 127

Malware Software Passwords Cryptocurrency 127

Digital Shadows

JANUARY 14, 2025

Key Findings The last quarter of 2024 proved to be a pivotal period for ransomware activity, marked by emerging threats and unexpected shifts among established groups. In our Q3 2024 ransomware report , we predicted activity would reach its peak in the last quarter of the year.

Ransomware 126

Ransomware Social Engineering Phishing VPN 126

The Hacker News

OCTOBER 14, 2024

Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware. CVE-2024-40711, rated 9.8 out of 10.0

Ransomware 129

Ransomware VPN Backups Accountability 129

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. This method poses a risk of exposing sensitive data or enabling fraudulent activities.

VPN 139

VPN Accountability Firewall Data breaches 139

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 68

Spyware Data breaches DNS Artificial Intelligence 68

eSecurity Planet

JANUARY 29, 2024

Internet security best practices mandate unique credentials for each online account; doing so would be impossible without a solid password manager like Dashlane. You can also set up compromised password alerts that will proactively look for leaked passwords or vulnerable accounts across your company. You can unsubscribe at any time.

Password Management 109

Password Management Passwords Authentication Accountability 109

Security Affairs

AUGUST 28, 2024

Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. The flaw CVE-2024-37085 (CVSS score of 6.8) BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisors vulnerability in recent attacks.

Ransomware 125

Ransomware Authentication Encryption VPN 125

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Privacy Compliance: By 2024, 40% of privacy tools will rely on AI, highlighting its expanding role in ensuring data privacy and meeting regulations. RaaS usage is expected to increase by 25% in 2024.

Social Engineering 141

Social Engineering Cyber Attacks Cyber Insurance IoT 141

eSecurity Planet

AUGUST 20, 2024

A virtual private network (VPN) is a great way to increase your online security. Bitdefender, an industry leader in cybersecurity, created this VPN service to protect your information from malicious actors, online ads, and hackers. Once the User Account Control dialog box appears, choose Yes.

VPN 57

VPN Accountability Antivirus Passwords 57

Krebs on Security

APRIL 20, 2023

Mandiant found the earliest evidence of compromise uncovered within 3CX’s network was through the VPN using the employee’s corporate credentials, two days after the employee’s personal computer was compromised. Microsoft Corp.

Malware 329

Malware Software Technology Accountability 329

Security Affairs

JANUARY 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN 130

VPN Cybercrime Ransomware Hacking 130

SecureList

JUNE 3, 2024

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024.

Banking 117

Banking Malware Computers and Electronics Mobile 117

SecureList

SEPTEMBER 3, 2024

The code was inserted in February and March 2024, mostly by Jia Cheong Tan – probably a fictitious identity. The XZ compromise was assigned the identifier CVE-2024-3094 and the maximum severity level of 10. The threat actor also made use of the server utility (VPN Server) from the SoftEther VPN package for tunneling.

Malware 109

Malware Passwords Ransomware Encryption 109

eSecurity Planet

SEPTEMBER 3, 2024

It includes Hotspot Shield VPN, which enhances your online privacy. While Hotspot Shield may not be the top VPN on the market, it provides satisfactory performance, with download speeds of 95% in Australia and 92% in the US. Once you’ve created your account and generated your master password, then you’re done! per month.

Password Management 104

Password Management Passwords Encryption VPN 104

SecureList

MARCH 19, 2025

At the end of 2024, we discovered a new stealer distributed via YouTube videos promoting game cheats. It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla and DynDNS. What’s intriguing about this malware is how much it collects.

Passwords 81

Passwords Media Malware VPN 81

Security Affairs

APRIL 19, 2024

The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. ” reads a post published by the organization on Medium.

Cyber Attacks 142

Cyber Attacks VPN Authentication Hacking 142

Security Affairs

SEPTEMBER 22, 2024

In spring 2024, the Telegram channel -=TWELVE=- was blocked for posting personal data in violation of Telegram’s terms. The threat actor gains initial access by abusing valid local or domain accounts, VPN or SSH certificates. Then the threat actor relies on the Remote Desktop Protocol (RDP) to facilitate lateral movement.

VPN 130

VPN Encryption Hacking Ransomware 130

SecureWorld News

AUGUST 28, 2024

The vulnerability, CVE-2024-39717 , affects Versa Director versions 21.2.3, Researchers at Lumen's Black Lotus Labs discovered the exploit on June 17, 2024, after analyzing a suspicious file uploaded to VirusTotal. Further investigation revealed that Volt Typhoon had exploited this vulnerability since June 12, 2024. and 22.1.3.

VPN 107

VPN Firewall Accountability Internet 107

Krebs on Security

MAY 23, 2024

But by all accounts, few attacks from those gangs have come close to the amount of firepower wielded by a pro-Russia group calling itself “ NoName057(16).” is a company that tracks VPNs and proxy services worldwide. “And at least two of them explained that Stark offered them free VPN services that they were reselling.”

DDOS 331

DDOS Internet Internet Government 331

Security Affairs

DECEMBER 1, 2024

Soldier Major cybercrime operation nets 1,006 suspects UK hospital network postpones procedures after cyberattack Tether Has Become a Massive Money Laundering Tool for Mexican Drug Traffickers, Feds Say Florida Telecommunications and Information Technology Worker Sentenced for Conspiring to Act as Agent of Chinese Government Rockstar 2FA: A Driving (..)

Cybercrime 70

Cybercrime Firewall Ransomware Social Engineering 70