Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 277

Hacking Social Engineering Phishing Scams 277

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN 118

VPN Firewall Accountability Cybersecurity 118

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information.

VPN 127

VPN Government Malware Hacking 127

Security Affairs

DECEMBER 22, 2020

A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN services. ” The three VPN bulletproof services were hosted at insorg.org , safe-inet.com , and safe-inet.net, their home page currently displays a law enforcement banner. day to $190/year.

VPN 110

VPN Cybercrime Advertising Accountability 110

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. This method poses a risk of exposing sensitive data or enabling fraudulent activities. ” continues the advisory.

VPN 102

VPN Accountability Firewall Data breaches 102

Threatpost

JUNE 9, 2021

Attackers accessed a VPN account that was no longer in use to freeze the company’s network in a ransomware attack whose repercussions are still vibrating.

VPN 128

VPN Passwords Accountability Ransomware 128

Security Affairs

NOVEMBER 2, 2022

The threat actors were distributing a VPN app embedding a highly sophisticated spyware. The attackers set up Facebook and Instagram accounts with more than 1,000 followers and designed attractive religious-themed graphic materials in order to trick victims into downloading the tainted VPN app. í religion that are banned in Iran.

Spyware 97

Spyware Malware VPN Accountability 97

Security Affairs

FEBRUARY 1, 2024

CISA also warned to continue to audit privilege-level access accounts. Mandiant researchers recently discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices. Complete a factory reset per Ivanti’s instructions. 20240126.5.xml”

VPN 95

VPN Authentication Software Malware 95

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60 patch 0).

Firewall 137

Firewall VPN Firmware Passwords 137

Security Affairs

NOVEMBER 27, 2020

The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. SecurityAffairs – hacking, malware).

VPN 136

VPN Banking Passwords Malware 136

Security Affairs

AUGUST 10, 2022

The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Talos revealed that threat actors compromised a Cisco employee’s credentials after they gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized. SecurityAffairs – hacking, Yanluowang ransomware).

Ransomware 122

Ransomware Hacking VPN Phishing 122

Security Affairs

SEPTEMBER 8, 2023

An unauthenticated, remote attacker can exploit the vulnerability to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. ” reads the advisory published by the IT giant. or earlier).

Ransomware 129

Ransomware VPN Authentication Hacking 129

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. ” reads the post published by Kaspersky.

VPN 90

VPN Ransomware Antivirus Firmware 90

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability 135

Accountability VPN Software Antivirus 135

Security Affairs

AUGUST 31, 2023

. “Cisco is aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations, and we have observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users.”

Authentication 105

Authentication Ransomware VPN Hacking 105

Security Affairs

MAY 30, 2024

Since 2011, Wang and his co-conspirators had been distributing malware through malicious VPN applications, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN. The FBI has published information at fbi.gov/911S5 to help identify and remove 911 S5’s VPN applications from your devices or machines.

VPN 83

VPN Cryptocurrency Malware Software 83

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN 312

VPN Computers and Electronics Antivirus Software 312

Security Affairs

DECEMBER 6, 2021

Russia-linked Nobelium APT group is using a new custom malware dubbed Ceeloader in attacks against organizations worldwide. Threat actors compromised service providers and used the privileged access and credentials belonging to the hacked providers to target their customers. SecurityAffairs – hacking, NOBELIUM).

Malware 98

Malware VPN Telecommunications Accountability 98

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 289

Malware Software Technology Accountability 289

Security Affairs

JANUARY 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN 100

VPN Cybercrime Ransomware Hacking 100

Security Affairs

FEBRUARY 4, 2024

Clorox estimates the costs of the August cyberattack will exceed $49 Million Mastodon fixed a flaw that can allow the takeover of any account Iranian hackers breached Albania’s Institute of Statistics (INSTAT) Operation Synergia led to the arrest of 31 individuals Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison Cloudflare breached (..)

Identity Theft 100

Identity Theft VPN Malware Ransomware 100

Security Boulevard

FEBRUARY 2, 2024

Introduction Ivanti, an IT management and security company, has issued a warning about multiple zero-day vulnerabilities in its VPN products exploited by Chinese state-backed hackers since December 2023. Active audit of privileged accounts that were recently created or updated. to gain access to ICS VPN appliances.

VPN 64

VPN Risk Architecture Firewall 64

Security Affairs

SEPTEMBER 16, 2022

Threat actors target gamers looking for cheats on YouTube with the RedLine Stealer information-stealing malware and crypto miners. Researchers from Kaspersky have spotted a self-extracting archive, served to gamers looking for cheats on YouTube, that was employed to deliver the RedLine Stealer information-stealing malware and crypto miners.

Malware 81

Malware Cryptocurrency Hacking Passwords 81

The Last Watchdog

MARCH 6, 2021

Related: Poll confirms rise of Covid 19-related hacks. It is essential to ensure that all accounts are protected with strong passwords. To this day, a significant amount of people still use the password across multiple accounts, which makes it much simpler for a cybercriminal to compromise a password and take over accounts.

VPN 214

VPN Firewall Antivirus Passwords 214

Malwarebytes

NOVEMBER 24, 2021

No matter which of the many accounts post up these videos, they all typically link to the same download hosting site. When free games lead to Malware. Researchers at Cluster25 spotted similar activity , targeting a multitude of interests including how-to guides, cryptocurrency, VPN software, and more. Comments disabled.

Malware 142

Malware Scams Passwords Cryptocurrency 142

SecureList

MAY 28, 2024

According to 2023 statistics , only one in four affected organizations identified an incident as a result of detecting suspicious activity (launch of hacker tools, malware, network scanners, etc.) Most often, communication between the service provider and the client takes place via VPN connections and Remote Desktop Protocol (RDP) services.

VPN 74

VPN Accountability Passwords Antivirus 74

Krebs on Security

JUNE 15, 2023

But last week, Barracuda took the highly unusual step of offering to replace compromised ESGs , evidently in response to malware that altered the systems in such a fundamental way that they could no longer be secured remotely with software updates. “They sold so many VPNs through the pandemic and this is the hangover,” Gray said.

Risk 221

Risk VPN Internet Internet 221

Security Affairs

JULY 21, 2020

vpnMentor experts reported that seven Virtual Private Network (VPN) recently left 1.2 Security experts from vpnMentor have discovered a group of seven free VPN (virtual private network) apps that left their server unsecured online exposing private user data for anyone to see. . SecurityAffairs – hacking, privacy).

VPN 78

VPN Advertising Passwords Internet 78

Security Affairs

APRIL 21, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Earlier versions of the ransomware were written in C++ and the malware added the.akira extension to the encrypted files.

Ransomware 99

Ransomware Encryption Antivirus VPN 99

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 94

Data breaches Small Business Hacking Malware 94

Security Affairs

DECEMBER 20, 2020

Experts uncovered a massive fraud operation that used a network of mobile device emulators to steal millions of dollars from online bank accounts. Researchers from IBM Trusteer have uncovered a massive fraud operation that leveraged a network of mobile device emulators to steal millions of dollars from online bank accounts in a few days.

Banking 109

Banking Mobile Accountability Malware 109

Schneier on Security

APRIL 7, 2020

This makes the data more likely to be hacked and stolen. If the organization is lucky, they will have already set up a VPN for remote access. Handing people VPN software to install and use with zero training is a recipe for security mistakes, but not using a VPN is even worse.

Cybersecurity 321

Cybersecurity VPN Scams Phishing 321

Security Affairs

FEBRUARY 10, 2023

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter.

Malware 78

Malware Phishing Spyware Cybercrime 78

Security Affairs

JANUARY 19, 2021

The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. ” Once gained access to the network, crooks expand their network access, for example, escalating privileges of the compromised employees’ accounts. SecurityAffairs – hacking, vishing).

Accountability 94

Accountability VPN Social Engineering Phishing 94

Security Affairs

APRIL 26, 2023

On March 7, 2023, the researchers found a Linux variant of the PingPull that was uploaded to VirusTotal, it had a very low detection rate (3 out of 62) “Despite a largely benign verdict, additional analysis has determined that this sample is a Linux variant of PingPull malware. ” reads the analysis published by Unit 42.

Malware 91

Malware Telecommunications Government VPN 91

Malwarebytes

MARCH 16, 2022

It’s reported that a malware distribution campaign is leveraging YouTube to push infection files. The campaign distributes a file known for password theft, and hunts for those passwords in browsers, cookies, a variety of cryptocurrency wallets, VPN clients, and many more besides. This is the basis of a basic YouTube scam.

Malware 93

Malware Scams Accountability Passwords 93

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Spyware 115

Spyware Manufacturing Small Business Surveillance 115