Duo's Security Blog

APRIL 3, 2025

While the enforcement of multi-factor authentication (MFA) makes logging in more secure, it inevitably runs the risk of adding steps to a process users already find annoying. While this may avoid authentication fatigue, it certainly risks and may even violate some security standards.

Authentication 52

Authentication Passwords Risk VPN 52

Cisco Security

AUGUST 24, 2023

Cisco is aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations, and we have observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users.

Authentication 96

Authentication Ransomware VPN Passwords 96

Security Affairs

MARCH 29, 2024

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. ” reads the report.

Firewall 131

Firewall Passwords VPN Authentication 131

Duo's Security Blog

MAY 23, 2024

When reading the title of this blog, you might be wondering to yourself why RADIUS is being highlighted as a subject — especially amidst all of the advancements of modern authentication we see taking place recently. It is commonly used for network access into VPNs, wireless access points, and other devices (more on this later).

Authentication 111

Authentication Wireless Passwords Encryption 111

eSecurity Planet

OCTOBER 1, 2021

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. What might be most striking about the document is how many security steps and solutions it takes to properly secure VPN connections.

VPN 109

VPN Authentication Passwords Software 109

Webroot

MARCH 3, 2025

Online shopping scams An online shopping scam usually involves a fake online store or app, which appears legitimate and is promoted on social media or other authentic websites. Document disposal Shred sensitive documents. Social media privacy Avoid sharing personal information on social media.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Malwarebytes

NOVEMBER 6, 2024

Lock things down Having a strict policy to protect your important assets with strong passwords and multi-factor authentication (MFA) should be a no-brainer. Very important files and documents can be encrypted or stored in password protected folders to keep them safe from prying eyes. Both can be used to protect your network.

Small Business 98

Small Business Backups Firewall VPN 98

Krebs on Security

APRIL 6, 2022

“They would just keep jamming a few individuals to get [remote] access, read some onboarding documents, enroll a new 2FA [two-factor authentication method] and exfiltrate code or secrets, like a smash-and-grab,” the CXO said. “These guys were not leet , just damn persistent.” ” HOW DID WE GET HERE?

Social Engineering 294

Social Engineering Phishing Engineering Accountability 294

Security Affairs

FEBRUARY 16, 2024

The government experts conducted an incident response assessment of the state government organization after its documents were posted on the dark web. CISA and MS-ISAC assessed that the threat actor connected to the VM through the victim’s VPN with the intent to blend in with legitimate traffic to evade detection.”

Government 144

Government VPN Accountability Authentication 144

Security Affairs

DECEMBER 6, 2020

The files published by the ransomware gang on the leak site include internal projects, business documents, and various aerospace and defense industry standards. LockBit ransomware operators told ZDNet that they have accessed the network of the helicopter maker via a VPN appliance that was poorly protected. Source ZDNet.

Ransomware 135

Ransomware VPN Encryption Passwords 135

eSecurity Planet

MAY 27, 2025

per user per month) Bitdefender : Better for startups with over 10 employees, identity protection needs, and built-in VPN (starts at $6.33 Its features include identity protection features, a VPN, and a password manager. Bitdefenders SMB security features include identity exposure protection, a VPN, and a password manager.

Antivirus 93

Antivirus Software Small Business VPN 93

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Social Engineering 140

Social Engineering VPN Phishing Authentication 140

The Last Watchdog

MAY 23, 2022

They require integrity, authentication, trusted identity and encryption. Protocols and policies setting new parameters for trusted connections are being hammered out and advanced encryption, authentication and data protection solutions are being ramped up. Related: Leveraging PKI to advance electronic signatures.

Cybersecurity 214

Cybersecurity Digital transformation Computers and Electronics Encryption 214

Duo's Security Blog

JANUARY 27, 2022

Not all multi-factor authentication (MFA) solutions are equal. For a two-factor authentication solution, that may include hidden costs, such as upfront, capital, licensing, support, maintenance, and operating costs. Estimate and plan for how much it will cost to deploy multi-factor authentication to all of your apps and users.

Authentication 104

Authentication Software Mobile Passwords 104

Security Affairs

AUGUST 26, 2021

Threat actors are targeting Pulse Connect Secure VPN devices exploiting multiple flaws, including CVE-2021-22893 and CVE-2021-22937. that allows remote authenticated attackers to execute arbitrary code as the root user via maliciously crafted meeting room. One file is designed to intercept certificate-based multi-factor authentication.

Malware 139

Malware VPN Authentication Hacking 139

SecureList

FEBRUARY 21, 2025

We believe that the attackers are primarily targeting organizations in Russia and Belarus, while the other victims were incidentalperhaps researchers using sandbox environments or exit nodes of Tor and VPN networks. Last year, we documented Angry Likho attacks that used image files containing malicious code.

Phishing 91

Phishing Encryption Banking Malware 91

Security Affairs

FEBRUARY 12, 2024

Avoid entering any data if you see a warning message about a site’s authenticity. Also, consider using a Virtual Private Network (VPN) to encrypt your data and make it unreadable to hackers. Invest in a VPN to encrypt your data and ensure websites you use have SSL/TSL certificates (look for “https” in the URL).

DNS 143

DNS VPN Encryption Passwords 143

Webroot

OCTOBER 22, 2021

The user can access their company’s files and documents as if they were physically present at their office. The most popular options include virtual private network (VPN) or remote desktop protocol (RDP). VPN works by initiating a secure connection over the internet through data encryption. Two-factor authentication.

VPN 124

VPN Penetration Testing Education Security Awareness 124

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 71

Cybercrime Artificial Intelligence Hacking VPN 71

Security Affairs

NOVEMBER 17, 2021

One of the campaigns monitored by the experts and conducted by PHOSPHORUS APT group leveraged known vulnerabilities in Fortinet FortiOS SSL VPN and Microsoft Exchange Servers to deploy ransomware on vulnerable networks. . Microsoft added that password spray attacks on Office 365 accounts with multifactor authentication (MFA) enabled failed.

VPN 135

VPN Accountability Social Engineering Media 135

Security Affairs

SEPTEMBER 12, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. The attacker ultimately succeeded in achieving an MFA push acceptance, granting them access to VPN in the context of the targeted user. .

Ransomware 115

Ransomware VPN Authentication Phishing 115

Security Affairs

OCTOBER 18, 2023

Threat actors exploited this vulnerability to hijack existing authenticated sessions and bypass multifactor authentication or other strong authentication requirements. The security firm published the CVE-2023-4966 guidance document for remediating and reducing risks related to this flaw. ” states Mandiant. .”

Authentication 132

Authentication VPN Hacking Government 132

Security Boulevard

JULY 10, 2023

Public key infrastructure (PKI)  offers a globally accepted standard for implementing various security protocols and authentication mechanisms.  e-commerce and online banking), and authenticate the identity of an entity in an online environment. require PKI to ensure data security through authentication and non-repudiation mechanisms.

Authentication 98

Authentication Encryption VPN Technology 98

Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 124

Data breaches VPN Cloud Migration Malware 124

eSecurity Planet

SEPTEMBER 5, 2024

A VPN (Virtual Private Network) routes your internet traffic through an encrypted tunnel, shielding your data from hackers and ensuring your online activities remain private and secure. A VPN can provide the solution if you want to safeguard your personal information, bypass geo-restrictions, or maintain anonymity online.

VPN 57

VPN Encryption Internet Internet 57

Security Affairs

OCTOBER 25, 2023

Threat actors exploited this vulnerability to hijack existing authenticated sessions and bypass multifactor authentication or other strong authentication requirements. The security firm published the CVE-2023-4966 guidance document for remediating and reducing risks related to this flaw. states Mandiant.

Authentication 135

Authentication VPN Hacking Government 135

Security Affairs

JUNE 23, 2020

. “The current data leak includes snapshots of highly sensitive bank-related documents of the company such as account transaction details, vouchers, letters sent to bank managers, and much more.” Below one of the snapshots leaked by the CLOP ransomware operators as proof of the hack.

Hacking 132

Hacking Ransomware Banking Advertising 132

Approachable Cyber Threats

OCTOBER 16, 2020

During the COVID-19 pandemic for example, you may use a Virtual Private Network (VPN) to connect to your organization’s network as if you’re sitting in the office, or you might use Remote Desktop Protocol (RDP) to connect to your computer that’s now collecting dust on your office desk.

Ransomware 98

Ransomware VPN Internet Internet 98

SecureWorld News

JULY 27, 2021

Here is how the business was affected, according to court documents: "In addition to the loss of gasoline sales, Plaintiff EZ Mart saw inside sales drop precipitously. Court documents list a number of ways Colonial allegedly failed at cybersecurity. It wasn't until May 21 that its pumps were at full capacity again.

Ransomware 98

Ransomware Authentication VPN Cybersecurity 98

Security Affairs

JUNE 21, 2021

Inside some Packs you will find sub-archives with separate password, for such cases there are txt file with special password, please check everything carefully “ The group claims to have stolen 1.5TB of sensitive data from ADATA, including financial documents, contracts, non-disclosure agreements, and other files. Pierluigi Paganini.

Ransomware 144

Ransomware Passwords VPN Authentication 144

Security Affairs

FEBRUARY 4, 2024

Clorox estimates the costs of the August cyberattack will exceed $49 Million Mastodon fixed a flaw that can allow the takeover of any account Iranian hackers breached Albania’s Institute of Statistics (INSTAT) Operation Synergia led to the arrest of 31 individuals Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison Cloudflare breached (..)

Identity Theft 123

Identity Theft VPN Malware Ransomware 123

Malwarebytes

FEBRUARY 19, 2024

CISA (the Cybersecurity & Infrastructure Security Agency) has issued a cybersecurity advisory after the discovery of documents containing host and user information of a state government organization’s network environment—including metadata—on a dark web brokerage site. Use phishing-resistant multifactor authentication (MFA).

Accountability 92

Accountability VPN Authentication Phishing 92

Security Affairs

JUNE 19, 2020

The CVE-2020-4529 could allow an authenticated attacker to send unauthorized requests from a system, potentially leading to other attacks, such as network enumeration, “IBM Maximo Asset Management is vulnerable to server side request forgery (SSRF). ” reads the security advisory. .

VPN 105

VPN Advertising Authentication Passwords 105

Malwarebytes

APRIL 11, 2022

The malware also plans to steal saved VPN/dial up credentials from the AppdataMicrosoftNetworkConnectionsPbkrasphone.pbk and Pbkrasphone.pbk phonebooks if present. First, the malware checks whether it is able to authenticate using the stolen cookies. cn/eg/fr/de/in/it/co.jp/nl/pl/sa/sg/es/se/ae/co.uk/com/com.au/com.br/mx/tr

Media 143

Media Malware Spyware Accountability 143

eSecurity Planet

SEPTEMBER 23, 2022

Of course, developers cannot be held responsible for all vulnerabilities, but they usually have privileged accounts and even direct access to sensitive documents and pipes, which makes them increasingly attractive targets. The document lists concrete measures to reduce the risk: Generate architecture and design documents.

Software 141

Software Authentication VPN Architecture 141

Security Affairs

SEPTEMBER 9, 2020

At the time it is not clear how many documents were stolen and which kind of information they contained. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Install and regularly update anti-virus or anti-malware software on all hosts.

Ransomware 145

Ransomware Energy and Utilities VPN Advertising 145

Security Affairs

OCTOBER 20, 2021

a demo for anti-virus software, VPN, music players, photo editing or online games) to hijack the channel of YouTube creators. The malware landing page is disguised as a software download URL that was sent via email or a PDF on Google Drive, or via Google documents containing the phishing links.

Accountability 144

Accountability Malware Phishing Social Engineering 144