Advertising, Authentication, Information Security and VPN

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory.

VPN

VPN Government Authentication Advertising

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Security Affairs

OCTOBER 16, 2020

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN

VPN Firewall Advertising Internet

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes.

VPN

VPN Hacking IoT Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Security Affairs

DECEMBER 5, 2019

Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel. The experts explained that in this way, it is possible to hijack active connections within the VPN tunnel. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Encryption Advertising Authentication

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

Security Affairs

OCTOBER 22, 2019

NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. . Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. .

VPN

VPN Hacking Advertising Authentication

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Social Engineering

Social Engineering VPN Phishing Authentication

Cisco fixes 5 critical flaws that could allow router firewall takeover

Security Affairs

JULY 16, 2020

Cisco addresses a critical remote code execution (RCE), authentication bypass, and static default credential flaws that could lead to full router takeover. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firewall

Firewall Small Business Wireless Authentication

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Security Affairs

JUNE 29, 2020

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. OS ) that powers its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. x base score of 10. . x base score of 10. Pierluigi Paganini.

Firewall

Firewall Authentication VPN Advertising

Palo Alto Networks addresses tens of serious issues in PAN-OS

Security Affairs

MAY 15, 2020

One of the most severe vulnerabilities, tracked as CVE-2020-2018 , is an authentication bypass vulnerability in the Panorama context switching feature. This vulnerability does not impact Panorama configured with custom certificates authentication for communication between Panorama and managed devices. The issue received a CVSSv3.1

Firewall

Firewall Authentication Advertising VPN

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

Kaspersky recommends organizations to adopt the following security measures: At the very least, use strong passwords. Make RDP available only through a corporate VPN. Use Network Level Authentication (NLA). If possible, enable two-factor authentication. Use a reliable security solution. Pierluigi Paganini.

Passwords

Passwords Advertising VPN Authentication

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware VPN Advertising Marketing

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Security Affairs

JUNE 19, 2020

The CVE-2020-4529 could allow an authenticated attacker to send unauthorized requests from a system, potentially leading to other attacks, such as network enumeration, “IBM Maximo Asset Management is vulnerable to server side request forgery (SSRF). ” reads the security advisory. . Pierluigi Paganini.

VPN

VPN Advertising Authentication Passwords

Flaws in leading industrial remote access systems allow disruption of operations

Security Affairs

OCTOBER 1, 2020

.” The US CISA agency also published a security advisory to warn of risks associated with the successful exploitation of the flaws in the B&R Automation systems. Also recognize that VPN is only as secure as the connected devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Authentication VPN Firewall

Cisco addresses ten high-risk issues in NX-OS software

Security Affairs

AUGUST 28, 2020

The same devices are affected by a DoS flaw (CVE-2020-3397) in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation. Further details of the flaws addressed by Cisco are available on Cisco’s security advisories page. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Software

Software Risk Advertising Authentication

Security Affairs - Untitled Article

Security Affairs

JULY 22, 2019

GlobalProtect products allow organizations to set up a virtual private network (VPN) access, they also implement other security and management features. “ n this article, we would like to talk about the vulnerability on Palo Alto SSL VPN. Palo Alto calls their SSL VPN product line as GlobalProtect.

VPN

VPN Advertising Authentication Information Security

Op Wocao – China-linked APT20 was able to bypass 2FA

Security Affairs

DECEMBER 23, 2019

China-linked cyber espionage group APT20 has been bypassing two-factor authentication (2FA) in recent attacks, cyber-security firm Fox-IT warns. Attackers use stolen VPN credentials to securely connect the target network. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Hacking Software Advertising

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. Use multifactor authentication where possible. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN.

Ransomware

Ransomware DDOS Passwords Backups

Security Affairs newsletter Round 243

Security Affairs

DECEMBER 8, 2019

A flaw in Microsoft OAuth authentication could lead Azure account takeover. CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems. OpenBSD addresses authentication bypass, privilege escalation issues. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising DDOS VPN Authentication

Sophos fixed a critical vulnerability in Cyberoam firewalls

Security Affairs

OCTOBER 10, 2019

A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. MR-5 and earlier was recently discovered and responsibly disclosed to Sophos by an external security researcher.” ” reads the advisory published by Sophos. Pierluigi Paganini.

Firewall

Firewall VPN Passwords Internet

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

According to Cyberintelligence firm Bad Packets , hackers allegedly exploited the CVE-2019-19781 vulnerability in the Citrix Netscaler ADC VPN gateway exposed by Indiabulls. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Ransomware Banking Mobile

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs

OCTOBER 1, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Advertising Engineering VPN

BusKill, a $20 USB Dead Man’s Switch for Linux Laptop

Security Affairs

JANUARY 4, 2020

. “We do what we can to increase our OpSec when using our laptop in public-such as using a good VPN provider, 2FA, and password database auto-fill to prevent network or shoulder-based eavesdropping,” says Altfield. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising VPN Engineering Authentication

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

The Zyxel Cloud CNM SecuManager is a comprehensive network management software that provides an integrated console to manage security gateways including the ZyWALL USG and VPN Series. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. log escape sequence injection xmppCnrSender.py Pierluigi Paganini.

Accountability

Accountability Advertising Software Authentication

How to Protect Against COVID-19 Email Scams

Security Affairs

APRIL 21, 2020

However, you can defend against the scams by taking certain protective measures that are listed below: Do not give your personal information: A common theme for most coronavirus phishing emails seems to be the inquiry for personal information such as Social Security Number or login information. Twitter Handle: [link].

Scams

Scams Phishing Artificial Intelligence VPN

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Security Affairs

SEPTEMBER 10, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware VPN Data breaches Advertising

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

The emails are designed in a way that it appears to be authentic or belonging from a real business or authoritative source. People fell prey for these manipulative emails and provide confidential details like passwords and bank information in their negligence. You can further secure your connection by using a VPN.

Phishing

Phishing Accountability Authentication Passwords

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (e.g.,

Ransomware

Ransomware Antivirus Passwords Malware

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Security Affairs

OCTOBER 7, 2020

Never use them without proper security measures such as using a VPN. A VPN removes all traces leading back to your original IP address and encrypts your connection to allow safe and private browsing. Software updates often come with releases that patch bugs and security vulnerabilities upon discovery. Avoid Public WI-Fi.

Data privacy

Data privacy Computers and Electronics Government VPN

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Security Affairs

SEPTEMBER 5, 2022

Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark Web. Original post: [link].

Phishing

Phishing Accountability Hacking Advertising

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. “Prima Systems FlexAir, Versions 2.3.38

Backups

Backups Authentication Advertising Firmware

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

Security Affairs

JANUARY 3, 2020

The other vulnerability is an information disclosure issue that could be exploited by an attacker to obtain a device’s VPN configuration file, potentially exposing sensitive information. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the post published by the experts.

Advertising

Advertising Firmware VPN Authentication

Imperva explains how hackers stole AWS API Key and accessed to customer data

Security Affairs

OCTOBER 14, 2019

The company announced to have adopted additional security measures to protect its customers, including the creation of new instances behind its VPN by default, the implementation of monitoring and patching programs, decommission unused and non-critical compute instances. Pierluigi Paganini. SecurityAffairs – Imperva, hacking).

Firewall

Firewall Passwords Accountability Data breaches

Experts discovered DLL hijacking issues in Kaspersky and Trend Micro solutions

Security Affairs

DECEMBER 2, 2019

Researchers from SafeBreach discovered several vulnerabilities in Kaspersky Secure Connection, Trend Micro Maximum Security, and Autodesk Desktop Application products that could be exploited by hackers for DLL preloading , code execution, and privilege escalation. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising VPN Authentication Hacking

Using Public Wi-Fi? Your data can be hacked easily! Here’s How…

Security Affairs

MAY 29, 2019

Opt for VPN. VPN is the safest mode of surfing the internet and provides the best cybersecurity. VPN also provides an encrypted tunnel for all your online transactions and encode them in a way that nobody can access any piece of information during the transaction from one end to another. Pierluigi Paganini.

Hacking

Hacking VPN Passwords Internet

The evolution of ransomware in 2019: attackers think bigger, go deeper and grow more advanced

Security Affairs

MAY 27, 2020

For instance, Ryuk, Revil, Maze , and DoppelPaymer actively used such tools, namely Cobalt Strike, CrackMapExec , PowerShell Empire, PoshC2, Metasploit, and Koadic, which helped them collect as much information as possible about the compromised network. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Phishing Advertising Encryption

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

If such processes lack proper authentication steps, they could work as gateways for bigger problems. It can be prevented through the use of an online VPN. Even if a local network is completely secured and all IoT devices on it have firmware and software updated to the last version, a shadow IoT device can wreak havoc.

IoT

IoT Cybersecurity Manufacturing Internet

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

Unlike some other underground cybercriminal gangs, Wizard Spider doesn’t openly advertise on underground forums, perhaps for security reasons. Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e.,

Healthcare

Healthcare Ransomware Encryption Passwords

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

Cryptography Cryptography can be used for two main purposes in embedded systems: confidentiality and authenticity. Mutually authenticating between devices or servers. However, in many cases, authenticity is often more important than confidentiality in embedded systems. Did that firmware genuinely come from the intended source?

IoT

IoT Firmware Mobile Manufacturing

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Webinars

Trending Sources

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Webinars

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Cisco fixes 5 critical flaws that could allow router firewall takeover

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Palo Alto Networks addresses tens of serious issues in PAN-OS

RDP brute-force attacks rocketed since beginning of COVID-19

Netwalker ransomware operators claim to have stolen data from Forsee Power

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Flaws in leading industrial remote access systems allow disruption of operations

Cisco addresses ten high-risk issues in NX-OS software

Security Affairs - Untitled Article

Op Wocao – China-linked APT20 was able to bypass 2FA

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs newsletter Round 243

Sophos fixed a critical vulnerability in Cyberoam firewalls

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Netwalker ransomware operators leaked files stolen from K-Electric

BusKill, a $20 USB Dead Man’s Switch for Linux Laptop

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

How to Protect Against COVID-19 Email Scams

Colocation data centers giant Equinix data hit by Netwalker Ransomware

5 Common Phishing Attacks and How to Avoid Them?

BlackCat Ransomware gang breached over 60 orgs worldwide

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

CISA warns of critical flaws in Prima FlexAir access control system

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

Imperva explains how hackers stole AWS API Key and accessed to customer data

Experts discovered DLL hijacking issues in Kaspersky and Trend Micro solutions

Using Public Wi-Fi? Your data can be hacked easily! Here’s How…

The evolution of ransomware in 2019: attackers think bigger, go deeper and grow more advanced

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

IoT Secure Development Guide

Stay Connected