Accountability, Advertising, Information Security and VPN

Bulletproof VPN services took down in a global police operation

Security Affairs

DECEMBER 22, 2020

A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN services. ” The three VPN bulletproof services were hosted at insorg.org , safe-inet.com , and safe-inet.net, their home page currently displays a law enforcement banner. day to $190/year.

VPN

VPN Cybercrime Advertising Accountability

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

Security Affairs

OCTOBER 9, 2019

NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws. Last week, the UK’s National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild.

VPN

VPN Advertising Accountability Healthcare

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

Security Affairs

OCTOBER 6, 2019

The UK’s National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to breach into the target networks. Pierluigi Paganini.

VPN

VPN Advertising Healthcare Data breaches

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510

Security Affairs

AUGUST 25, 2019

BadPackets experts observed on August 22 a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.

VPN

VPN Advertising Hacking Government

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Since then, the same spammers have used this method to advertise more than 100 different crypto investment-themed domains. A DIRECT QUOT The domain quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

Protecting Your Digital Identity: Celebrating Identity Management Day

Webroot

APRIL 3, 2024

In a world where our lives are increasingly navigated through digital apps and online accounts, understanding and managing our online identities has become paramount. Simply put, it’s the practice of ensuring that only authorized individuals have access to your sensitive information and online accounts.

VPN

VPN Passwords Scams Accountability

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

. “The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publically accessible forums. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. ” reads the alert published by the FBI.

Cybercrime

Cybercrime Education Accountability Phishing

CISA says federal agency compromised by malicious cyber actor

Security Affairs

SEPTEMBER 25, 2020

The threat actors initially leveraged compromised credentials for Microsoft Office 365 (O365) accounts, domain administrator accounts, and credentials for the agency’s Pulse Secure VPN server. “First the threat actor logged into a user’s O365 account from Internet Protocol (IP) address 91.219.236[.]166

VPN

VPN Malware Cyber threats Accountability

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71. “Account accesses for antivirus programs garner the second-highest prices: around $21.67. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

APRIL 2, 2020

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. ” reads the post published by Microsoft. Pierluigi Paganini.

Ransomware

Ransomware VPN Healthcare Cyber Attacks

A member The Dark Overlord group sentenced to 5 years in prison

Security Affairs

SEPTEMBER 22, 2020

.” According to the 2017 indictment , Wyatt used email and telephone accounts to send messages used to threaten the hacked companies of releasing their information. “a. WYATT registered a telephone account (Account B) used in the course of the conspiracy to send threatening and extortionate text messages to victims.“.

Identity Theft

Identity Theft Accountability Hacking Advertising

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts. Avoid reusing passwords for multiple accounts.

Ransomware

Ransomware DDOS Passwords Backups

REvil Ransomware member win the auction for KPot stealer source code

Security Affairs

NOVEMBER 4, 2020

KPOT Stealer is a “stealer” malware that focuses on exfiltrating account information and other data from web browsers, instant messengers, email, VPN, RDP, FTP, cryptocurrency, and gaming software. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. pic.twitter.com/fJ3BwlaHsR — ??????3

Ransomware

Ransomware Malware Advertising Cybercrime

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times. Pierluigi Paganini.

Social Engineering

Social Engineering VPN Phishing Authentication

Hackers target zero-day flaws in enterprise Draytek network devices

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. If you have not updated the firmware yet, disable remote access (admin) and SSL VPN. ” reads the report published by Qihoo 360.

Firmware

Firmware VPN Accountability Advertising

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The attackers connects to a dedicated commercially-shared VPN server using OpenVPN and then uses compromised email credentials to send out credential spam via a commercial email service provider. It is unclear why APT28 is using compromised email accounts of (mostly) defense companies in the Middle East. Pierluigi Paganini.

Phishing

Phishing Accountability Advertising DNS

What to do if your company was mentioned on Darknet?

SecureList

DECEMBER 12, 2023

” In the course of this research, we found out that the prevalent posts revolved around the sale of compromised accounts, internal databases, and documents, along with access to corporate infrastructures. Some of them are repeated advertisements on the same leakage.

Data breaches

Data breaches Accountability Telecommunications Malware

U.S. Bookstore giant Barnes & Noble hit by cyberattack

Security Affairs

OCTOBER 15, 2020

A series of messages published on Barnes & Noble’s Nook social media accounts state that it had suffered a system failure and is working to restore operations by restoring their server backups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” states GoodReader. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks VPN Backups Ransomware

Ukrainian police dismantled a bot farm involved in multiple spam campaigns

Security Affairs

OCTOBER 3, 2019

With this resource, it was possible to buy activated accounts in large numbers to various mail resources, social networks, payment systems and more. At the same time, verified accounts were also sold, the cost of which was much higher.” Crooks were preserving their anonymity using VPN and TOR services. Pierluigi Paganini.

Cybercrime

Cybercrime VPN Advertising Accountability

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

Netwalker ransomware operators announced the attack with a message posted on their online blog and shared a few screenshots as proof of the security breach. One of the images shared by the group shows a directory containing folders such as Accounts Receivable, Finance, collection letters, Expenses, and Employees. . Pierluigi Paganini.

Ransomware

Ransomware VPN Advertising Marketing

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

. “The current data leak includes snapshots of highly sensitive bank-related documents of the company such as account transaction details, vouchers, letters sent to bank managers, and much more.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Ransomware Banking Mobile

Chilean bank BancoEstado hit by REVil ransomware

Security Affairs

SEPTEMBER 7, 2020

The attack took place over the weekend, the closure of the BancoEstado breaches was announced by the bank through its Twitter account. The REvil ransomware gang is one of the most active groups, in the past, the operators have targeted Pulse Secure and Citrix VPN and enterprise gateway systems as entry points.

Banking

Banking Ransomware Advertising VPN

US CISA report shares details on web shells used by Iranian hackers

Security Affairs

SEPTEMBER 16, 2020

The Iranian hackers belong to an Iran-based threat actor that was behind attacks exploiting vulnerabilities in Pulse Secure VPN, Citrix Application Delivery Controller (ADC) and Gateway , and F5’s BIG-IP ADC products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

VPN

VPN Passwords Advertising Password Management

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. The FBI is seeking any information that can be shared related to the operations of the BlackCat ransomware operation. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware Antivirus Passwords Malware

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Cryptocurrency Advertising Passwords

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

Security Affairs

SEPTEMBER 16, 2022

The RedLine malware allows operators to steal several pieces of information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. The malicious code can also act as first-stage malware.

Malware

Malware Cryptocurrency Hacking Passwords

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

The Zyxel Cloud CNM SecuManager is a comprehensive network management software that provides an integrated console to manage security gateways including the ZyWALL USG and VPN Series. ” Experts also discovered the presence of backdoor accounts in MySQL. “MySQL is pre-configured with several static accounts.

Accountability

Accountability Advertising Software Authentication

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Security Affairs

JUNE 19, 2020

So if our ‘warehouse worker’ or equivalent connects through a properly configured VPN, that person’s access within the corporate network is restricted to what they need— from that particular system and email, for example. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Advertising Authentication Passwords

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. But in reality, your IP address is as prone to theft as your other information. The only drawback is that many free VPNs are not secure as we think.

Hacking

Hacking VPN Internet Internet

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs

OCTOBER 1, 2020

Starting on September 7, the customers of the company were not able to access the services for their accounts. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Advertising Engineering VPN

Security Affairs newsletter Round 243

Security Affairs

DECEMBER 8, 2019

The best news of the week with Security Affairs. Twitter account of Huawei Mobile Brazil hacked. A flaw in Microsoft OAuth authentication could lead Azure account takeover. CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising DDOS VPN Authentication

Op Wocao – China-linked APT20 was able to bypass 2FA

Security Affairs

DECEMBER 23, 2019

Attackers use stolen VPN credentials to securely connect the target network. Fox-IT noticed that the APT20 group was able to abuse VPN accounts that were protected by 2FA, the experts believe that the group devised a specific technique to achieve this goal. . Pierluigi Paganini. SecurityAffairs – APT20, hacking).

VPN

VPN Hacking Software Advertising

The Dangers of Using Unsecured Wi-Fi Networks

Security Affairs

AUGUST 22, 2019

If you’re waiting for a flight what better way to pass the time than logging onto your favourite website, checking your bank account or even doing a bit of online shopping? The answer is a virtual private network (VPN) which creates a private tunnel between your device and the internet and encrypts your data. Except there’s a problem.

VPN

VPN Encryption Passwords Small Business

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Security Affairs

SEPTEMBER 5, 2022

Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark Web. Original post: [link]. Google 2FA. Microsft 2FA.

Phishing

Phishing Accountability Hacking Advertising

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

Security Affairs

APRIL 28, 2020

After reviewing the attack logs of the Denial of Service, Qurium could quickly determine that the attacker was using Fineproxy VPN service to build a botnet to flood the website. Some of this threats came from an anonymous account in Facebook and two messages were received by WhatsApp. Pierluigi Paganini.

DDOS

DDOS Media VPN Advertising

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

Nikulin first breached LinkedIn between March 3 and March 4, 2012, the hacker first infected an employee’s laptop with malware then used employee’s VPN to access the LinkedIn’s internal network. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Cybercrime Data breaches Advertising

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Security Affairs

OCTOBER 7, 2020

Never use them without proper security measures such as using a VPN. A VPN removes all traces leading back to your original IP address and encrypts your connection to allow safe and private browsing. Software updates often come with releases that patch bugs and security vulnerabilities upon discovery. Avoid Public WI-Fi.

Data privacy

Data privacy Computers and Electronics Government VPN

New TA886 group targets companies with custom Screenshotter malware

Security Affairs

FEBRUARY 10, 2023

Rhadamanthys is an info stealing malware that was initially advertised for sale on underground forums since the middle of 2022. It can steal crypto wallets, steam accounts, passwords from browsers, FTP clients, chat clients (e.g. Telegram, Discord), email clients, VPN configurations, cookies, grab files, and more.

Malware

Malware Phishing Spyware Cybercrime

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

Court documents revealed that Facebook representatives were interested in effectively monitor mobile devices of users who had already installed Onavo, a VPN product developed by Facebook that analyzed the web traffic of users who downloaded it to monitor other apps installed by the users. ” Who will win? Facebook or NSO Group?

Surveillance

Surveillance Spyware Advertising Government

Security Affairs newsletter Round 229 – News of the week

Security Affairs

SEPTEMBER 1, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510. White hat hacker demonstrated how to hack a million Instagram accounts.

eCommerce

eCommerce Data breaches Malware Advertising

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

How to secure it. Administrators can follow the Container Journal’s advice by configuring their API servers to allow cluster API access only via the internal network or a corporate VPN. Once they’ve implemented that security measure, they can use RBAC authorization to further limit who has access to the cluster. What is it?

Advertising

Advertising Internet Internet VPN

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. In 2017, password-protected archives accounted for only 0.08% of all malicious objects. Links account for 29%, while attachments—for 71%. Another trend was disguising malware in emails.

Ransomware

Ransomware Antivirus Malware Banking

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

Unlike some other underground cybercriminal gangs, Wizard Spider doesn’t openly advertise on underground forums, perhaps for security reasons. Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes.

Healthcare

Healthcare Ransomware Encryption Passwords

7 VPN services left data of millions of users exposed online

Security Affairs

JULY 21, 2020

vpnMentor experts reported that seven Virtual Private Network (VPN) recently left 1.2 Security experts from vpnMentor have discovered a group of seven free VPN (virtual private network) apps that left their server unsecured online exposing private user data for anyone to see. . The server was secured on July 15 th.

VPN

VPN Advertising Passwords Internet

Bulletproof VPN services took down in a global police operation

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

Webinars

Trending Sources

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

Webinars

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510

Interview With a Crypto Scam Investment Spammer

Protecting Your Digital Identity: Celebrating Identity Management Day

FBI: Compromised US academic credentials available on various cybercrime forums

CISA says federal agency compromised by malicious cyber actor

15 billion credentials available in the cybercrime marketplaces

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

A member The Dark Overlord group sentenced to 5 years in prison

Avoslocker ransomware gang targets US critical infrastructure

REvil Ransomware member win the auction for KPot stealer source code

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Hackers target zero-day flaws in enterprise Draytek network devices

Russia-linked APT28 has been scanning vulnerable email servers in the last year

What to do if your company was mentioned on Darknet?

U.S. Bookstore giant Barnes & Noble hit by cyberattack

Ukrainian police dismantled a bot farm involved in multiple spam campaigns

Netwalker ransomware operators claim to have stolen data from Forsee Power

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Chilean bank BancoEstado hit by REVil ransomware

US CISA report shares details on web shells used by Iranian hackers

BlackCat Ransomware gang breached over 60 orgs worldwide

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

5 Ways to Protect Yourself from IP Address Hacking

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs newsletter Round 243

Op Wocao – China-linked APT20 was able to bypass 2FA

The Dangers of Using Unsecured Wi-Fi Networks

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

New TA886 group targets companies with custom Screenshotter malware

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs newsletter Round 229 – News of the week

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

7 VPN services left data of millions of users exposed online

Stay Connected