Advertising, Information Security, Passwords and VPN

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes.

VPN

VPN Hacking IoT Advertising

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Experts found new variants of Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. “Agent Tesla is now able to harvest configuration data and credentials from a number of common VPN clients, FTP and Email clients, and Web Browsers.

Passwords

Passwords Spyware VPN Malware

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort began in 2009 as “ super-socks[.]com Another domain with the Google Analytics code US-2665744 was sscompany[.]net.

Malware

Malware VPN Internet Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Protecting Your Digital Identity: Celebrating Identity Management Day

Webroot

APRIL 3, 2024

Simply put, it’s the practice of ensuring that only authorized individuals have access to your sensitive information and online accounts. This encompasses everything from protecting your passwords to being vigilant against phishing scams and online fraud. Instead, enter your credentials each time for added security.

VPN

VPN Passwords Scams Accountability

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

“The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publically accessible forums. In May 2021, cybercriminals offered more than 36,000 login credentials for.edu email accounts and advertised the data on an instant messaging platform.

Cybercrime

Cybercrime Education Accountability Phishing

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

APRIL 2, 2020

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. ” reads the post published by Microsoft.

Ransomware

Ransomware VPN Healthcare Cyber Attacks

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. Regularly back up data, password protect backup copies offline. Avoid reusing passwords for multiple accounts. Consider installing and using a VPN.

Ransomware

Ransomware DDOS Passwords Backups

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

. “Since the beginning of March, the number of Bruteforce.Generic.RDP attacks has rocketed across almost the entire planet” Attackers attempt to brute-force the username and password used to protect RDP access to systems exposed online, they can use combinations of random characters or leverage dictionary of most popular passwords.

Passwords

Passwords Advertising VPN Authentication

US CISA report shares details on web shells used by Iranian hackers

Security Affairs

SEPTEMBER 16, 2020

The Iranian hackers belong to an Iran-based threat actor that was behind attacks exploiting vulnerabilities in Pulse Secure VPN, Citrix Application Delivery Controller (ADC) and Gateway , and F5’s BIG-IP ADC products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

VPN

VPN Passwords Advertising Password Management

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. exe,’ which is the Kpot password-stealing Trojan. Pierluigi Paganini.

Ransomware

Ransomware Cryptocurrency Advertising Passwords

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware VPN Advertising Marketing

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

Security Affairs

JULY 14, 2023

Threat actors behind the campaign aimed at building a botnet to use for a range of criminal activities from password spraying to digital advertising fraud. This is a complex operation that infects small-office/home-office (SOHO) routers, deploying a Linux-based Remote Access Trojan (RAT) we’ve dubbed “AVrecon.””

Malware

Malware Advertising Cybercrime Passwords

CISA says federal agency compromised by malicious cyber actor

Security Affairs

SEPTEMBER 25, 2020

The threat actors initially leveraged compromised credentials for Microsoft Office 365 (O365) accounts, domain administrator accounts, and credentials for the agency’s Pulse Secure VPN server. 166 and then browsed pages on a SharePoint site and downloaded a file (Data from Information Repositories: SharePoint [ T1213.002 ]).

VPN

VPN Malware Cyber threats Accountability

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” ” continues the report.

Cybercrime

Cybercrime Antivirus Marketing Accountability

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

VPN or Virtual Private Network is the most secure way of connecting with the online world. VPN also provides an encrypted tunnel for all your online activities and closes all doors for spies and cybercriminals. VPN also provides an encrypted tunnel for all your online activities and closes all doors for spies and cybercriminals.

Hacking

Hacking VPN Internet Internet

Sophos fixed a critical vulnerability in Cyberoam firewalls

Security Affairs

OCTOBER 10, 2019

Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password. MR-5 and earlier was recently discovered and responsibly disclosed to Sophos by an external security researcher.” said the spokesperson. Pierluigi Paganini.

Firewall

Firewall VPN Passwords Internet

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times. Pierluigi Paganini.

Social Engineering

Social Engineering VPN Phishing Authentication

Experts link AVRecon bot to the malware proxy service SocksEscort

Security Affairs

JULY 31, 2023

Threat actors behind the campaign aimed at building a botnet to use for a range of criminal activities from password spraying to digital advertising fraud. The first activity is part of an advertising fraud effort, and the second activity is likely linked to password spraying attacks and/or data exfiltration.

Malware

Malware Small Business Advertising Passwords

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Security Affairs

APRIL 8, 2020

“Some of their goals include accessing sensitive information, user names and passwords, conducting denial of service attacks, spreading disinformation, and carrying out scams,”. Below the list of suggestions included in the agency’s memo: Use the NASA VPN, prior to beginning to work. ” continues the memo.

Cyber Attacks

Cyber Attacks Computers and Electronics VPN Phishing

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Regularly back up data, air gap, and password-protect backup copies offline. Regularly change passwords to network systems and accounts, and avoid reusing passwords for different accounts.

Ransomware

Ransomware Antivirus Passwords Malware

Crooks target Ukraine’s IT Army with a tainted DDoS tool

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Once downloaded, these files infect unwitting users rather than delivering the tools originally advertised.” It is injected with the malicious code, which consists of the Phoenix information stealer.”

DDOS

DDOS Digital transformation Malware Advertising

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

Security Affairs

SEPTEMBER 16, 2022

The RedLine malware allows operators to steal several pieces of information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. The malicious code can also act as first-stage malware.

Malware

Malware Cryptocurrency Hacking Passwords

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

Nikulin first breached LinkedIn between March 3 and March 4, 2012, the hacker first infected an employee’s laptop with malware then used employee’s VPN to access the LinkedIn’s internal network. The Russian man stole roughly 117 million user records, including usernames, passwords, and emails. Pierluigi Paganini.

Hacking

Hacking Cybercrime Data breaches Advertising

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Security Affairs

SEPTEMBER 10, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware VPN Data breaches Advertising

The Dangers of Using Unsecured Wi-Fi Networks

Security Affairs

AUGUST 22, 2019

They can see the passwords you use, your email address, your name and physical address, phone numbers and any other type of personal information that you might happen to enter into a website. For instance there are automated tools that look for passwords and write them into a file whenever they see one. Pierluigi Paganini.

VPN

VPN Encryption Passwords Small Business

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

According to Cyberintelligence firm Bad Packets , hackers allegedly exploited the CVE-2019-19781 vulnerability in the Citrix Netscaler ADC VPN gateway exposed by Indiabulls. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Ransomware Banking Mobile

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Security Affairs

JUNE 19, 2020

So if our ‘warehouse worker’ or equivalent connects through a properly configured VPN, that person’s access within the corporate network is restricted to what they need— from that particular system and email, for example. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Advertising Authentication Passwords

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs

OCTOBER 1, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Advertising Engineering VPN

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

In at least one compromise, the APT actor laterally traversed an SLTT victim network and accessed documents related to sensitive network configurations and passwords, standard operating procedures (SOP), IT instructions, such as requesting password resets, vendors and purchasing information. printing access badges.

Government

Government Hacking Advertising Passwords

U.S. Bookstore giant Barnes & Noble hit by cyberattack

Security Affairs

OCTOBER 15, 2020

Information shared about the cyber attacks suggests that the company was the victim of a ransomware attack. In August, the website ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. Pierluigi Paganini. SecurityAffairs – hacking, malware).

Cyber Attacks

Cyber Attacks VPN Backups Ransomware

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Security Affairs

OCTOBER 7, 2020

Never use them without proper security measures such as using a VPN. A VPN removes all traces leading back to your original IP address and encrypts your connection to allow safe and private browsing. Software updates often come with releases that patch bugs and security vulnerabilities upon discovery. Avoid Public WI-Fi.

Data privacy

Data privacy Computers and Electronics Government VPN

Op Wocao – China-linked APT20 was able to bypass 2FA

Security Affairs

DECEMBER 23, 2019

In order to move laterally within the target networks, hackers used well-known techniques, such as dumping credentials from memory and accessing password managers on compromised systems. Attackers use stolen VPN credentials to securely connect the target network. Pierluigi Paganini. SecurityAffairs – APT20, hacking).

VPN

VPN Hacking Software Advertising

BusKill, a $20 USB Dead Man’s Switch for Linux Laptop

Security Affairs

JANUARY 4, 2020

“We do what we can to increase our OpSec when using our laptop in public-such as using a good VPN provider, 2FA, and password database auto-fill to prevent network or shoulder-based eavesdropping,” says Altfield. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising VPN Engineering Authentication

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

Security researchers Pierre Kim and Alexandre Torres have discovered several vulnerabilities Zyxel Cloud CNM SecuManager software that could expose users to cyber attacks. ” Experts also reported the use of predefined passwords for admin accounts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Accountability

Accountability Advertising Software Authentication

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The attackers connects to a dedicated commercially-shared VPN server using OpenVPN and then uses compromised email credentials to send out credential spam via a commercial email service provider. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Phishing

Phishing Accountability Advertising DNS

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

The affiliates used to deliver the threat via brute-forcing attacks on RDP servers or exploiting known vulnerabilities in VPN servers and firewalls. Two of the most common vulnerabilities exploited by actors using Netwalker are Pulse Secure VPN (CVE-2019-11510) and Telerik UI (CVE-2019-18935).” continues the alert.

Ransomware

Ransomware VPN Cybercrime Advertising

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Simple or reused passwords are still a problem. While the cybersecurity industry has presented options for every netizen, the recommendation to use original and complex passwords continues to be disregarded. Instead, people come up with passwords that are comfortable. It can be prevented through the use of an online VPN.

IoT

IoT Cybersecurity Manufacturing Internet

New TA886 group targets companies with custom Screenshotter malware

Security Affairs

FEBRUARY 10, 2023

Rhadamanthys is an info stealing malware that was initially advertised for sale on underground forums since the middle of 2022. It can steal crypto wallets, steam accounts, passwords from browsers, FTP clients, chat clients (e.g. Telegram, Discord), email clients, VPN configurations, cookies, grab files, and more.

Malware

Malware Phishing Spyware Cybercrime

What to do if your company was mentioned on Darknet?

SecureList

DECEMBER 12, 2023

Some of them are repeated advertisements on the same leakage. Typically, hacked access to corporate infrastructure includes accounts for a corporate VPN service and some servers or hosts in the internal networks (in general, access is performed via RDP or web shells). By November 2023, we have already found more than 3100 offers.

Data breaches

Data breaches Accountability Telecommunications Malware

Security Affairs newsletter Round 233

Security Affairs

SEPTEMBER 29, 2019

Privilege Escalation flaw found in Forcepoint VPN Client for Windows. Thinkful forces a password reset for all users after a data breach. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches Advertising Malware VPN

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

Unlike some other underground cybercriminal gangs, Wizard Spider doesn’t openly advertise on underground forums, perhaps for security reasons. Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes.

Healthcare

Healthcare Ransomware Encryption Passwords

Security Affairs newsletter Round 229 – News of the week

Security Affairs

SEPTEMBER 1, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510. Foxit Software discloses a data breach that exposed user passwords.

eCommerce

eCommerce Data breaches Malware Advertising

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Security Affairs

SEPTEMBER 5, 2022

Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark Web. Original post: [link].

Phishing

Phishing Accountability Hacking Advertising

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. In 2017, password-protected archives accounted for only 0.08% of all malicious objects. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Antivirus Malware Banking

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Webinars

Trending Sources

Who and What is Behind the Malware Proxy Service SocksEscort?

Webinars

Protecting Your Digital Identity: Celebrating Identity Management Day

FBI: Compromised US academic credentials available on various cybercrime forums

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Avoslocker ransomware gang targets US critical infrastructure

RDP brute-force attacks rocketed since beginning of COVID-19

US CISA report shares details on web shells used by Iranian hackers

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Netwalker ransomware operators claim to have stolen data from Forsee Power

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

CISA says federal agency compromised by malicious cyber actor

15 billion credentials available in the cybercrime marketplaces

5 Ways to Protect Yourself from IP Address Hacking

Sophos fixed a critical vulnerability in Cyberoam firewalls

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Experts link AVRecon bot to the malware proxy service SocksEscort

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

BlackCat Ransomware gang breached over 60 orgs worldwide

Crooks target Ukraine’s IT Army with a tainted DDoS tool

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Colocation data centers giant Equinix data hit by Netwalker Ransomware

The Dangers of Using Unsecured Wi-Fi Networks

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Netwalker ransomware operators leaked files stolen from K-Electric

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

U.S. Bookstore giant Barnes & Noble hit by cyberattack

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Op Wocao – China-linked APT20 was able to bypass 2FA

BusKill, a $20 USB Dead Man’s Switch for Linux Laptop

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Russia-linked APT28 has been scanning vulnerable email servers in the last year

NetWalker ransomware operators have made $25 million since March 2020

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

New TA886 group targets companies with custom Screenshotter malware

What to do if your company was mentioned on Darknet?

Security Affairs newsletter Round 233

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Security Affairs newsletter Round 229 – News of the week

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Stay Connected