Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN 133

VPN Passwords Banking Advertising 133

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 112

VPN Hacking Authentication Government 112

Malwarebytes

NOVEMBER 24, 2023

The vulnerability is described as a sensitive information disclosure in NetScaler web application delivery control (ADC) and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. It’s reported to have been in use as a zero-day since late August. NetScaler ADC 13.1-FIPS

Government 114

Government Ransomware Backups Software 114

CSO Magazine

APRIL 20, 2021

Over the past few months, several cyberespionage groups, including one believed to be tied to the Chinese government, have been breaking into the networks of organizations from the United States and Europe by exploiting vulnerabilities in VPN appliances from zero-trust access provider Pulse Secure.

VPN 98

VPN CSO Hacking Authentication 98

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. that allows remote authenticated attackers to execute arbitrary code as the root user via maliciously crafted meeting room. A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 104

VPN Government Authentication Cybersecurity 104

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. “This is reachable pre-authentication, on every SSL VPN appliance,” French vulnerability researcher Charles Fol tweeted.

Risk 219

Risk VPN Internet Internet 219

Security Affairs

JUNE 2, 2024

OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 91

Data breaches VPN Cloud Migration Cybercrime 91

Security Affairs

APRIL 26, 2019

One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. However, the speed comes at the cost of encryption.

VPN 85

VPN Encryption Firewall Internet 85

CSO Magazine

JANUARY 13, 2023

Based on currently available information, the original zero-day attack was highly targeted to government-related entities. Remote code execution in FortiOS SSL-VPN. The vulnerability, tracked as CVE-2022-42475 , is in the SSL-VPN functionality of FortiOS and can be exploited by remote attackers without authentication.

Network Security 113

Network Security VPN Authentication Government 113

Security Boulevard

APRIL 27, 2022

Risky Behavior: VPN Providers Installing Root Certificates Without User Consent. Some VPN apps automatically install self-signed trusted root certificates without informed user consent, says cybersecurity research firm AppEsteem. “We Serial Entropy Issues Invalidate 22,000 TLS Certificates on Dutch Government PKI. Encryption.

VPN 52

VPN Encryption Risk Authentication 52

eSecurity Planet

OCTOBER 1, 2021

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. What might be most striking about the document is how many security steps and solutions it takes to properly secure VPN connections.

VPN 109

VPN Authentication Passwords Software 109

Malwarebytes

FEBRUARY 19, 2024

CISA (the Cybersecurity & Infrastructure Security Agency) has issued a cybersecurity advisory after the discovery of documents containing host and user information of a state government organization’s network environment—including metadata—on a dark web brokerage site. Use phishing-resistant multifactor authentication (MFA).

Accountability 78

Accountability VPN Authentication Phishing 78

The Last Watchdog

AUGUST 8, 2023

DigiCert Trust Lifecycle Manager additionally supports enrollment to a broad range of Microsoft and AWS technologies, providing organizations a unified approach to managing public and private trust for use cases such as biometric authentication, device authentication, WiFi/VPN provisioning, cloud workloads and infrastructure management.

Authentication 100

Authentication Technology VPN Software 100

Security Affairs

MARCH 1, 2024

Multiple threat actors are chaining these issues to bypass authentication, craft malicious requests, and execute arbitrary commands with elevated privileges. Government experts also reported that the exploitation of the flaw can allow threat actors to maintain root-level persistence. ” reads the advisory. x), Policy Secure (9.x,

Authentication 76

Authentication Cyber threats VPN Government 76

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices.

Ransomware 105

Ransomware VPN Government Retail 105

Security Affairs

APRIL 19, 2024

The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. ” reads a post published by the organization on Medium.

Cyber Attacks 108

Cyber Attacks VPN Authentication Hacking 108

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 82

Firewall VPN Firmware Internet 82

Security Affairs

NOVEMBER 14, 2022

The Government Computer Emergency Response Team of Ukraine CERT-UA is investigating multiple attacks against organizations in Ukraine that involved a new piece of ransomware called Somnia. Then the threat actors abused the victim’s Telegram account to steal VPN configuration data (authentication and certificates).

Ransomware 79

Ransomware Computers and Electronics VPN Malware 79

Security Affairs

APRIL 25, 2024

By redirecting the pointer to the Line Dancer interpreter, attackers can interact with the device through POST requests without authentication. Additionally, Line Dancer hooks into the crash dump and AAA processes to evade forensic analysis and establish remote access VPN tunnels.

VPN 106

VPN Software Firewall Authentication 106

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. The cybersecurity researchers observed threat actors obtaining initial access to organizations through a virtual private network (VPN) service without multifactor authentication (MFA) configured.

Ransomware 102

Ransomware Encryption Antivirus VPN 102

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 104

VPN Cybercrime Ransomware Hacking 104

DoublePulsar

JANUARY 4, 2020

it allows people without valid usernames and passwords to remotely connect to the corporate network the device is supposed to protect, turn off multi-factor authentication controls, remotely view logs and cached passwords in plain text (including Active Directory account passwords). That vulnerability is incredibly bad?—?it

VPN 52

VPN Ransomware Passwords Internet 52

Security Affairs

OCTOBER 25, 2023

Threat actors exploited this vulnerability to hijack existing authenticated sessions and bypass multifactor authentication or other strong authentication requirements. The attacks observed by Mandiant aimed at professional services, technology, and government organizations. states Mandiant. states Mandiant.

Authentication 114

Authentication VPN Hacking Government 114

SecureWorld News

APRIL 22, 2021

And unfortunately, these vulnerabilities are not just theoretical; they are being taken advantage of by an adversary, according to the federal government. This is the same type of quick turnaround time that the government required in the case of the Microsoft Exchange server vulnerabilities.

Government 59

Government CSO Software VPN 59

Security Affairs

OCTOBER 18, 2023

Threat actors exploited this vulnerability to hijack existing authenticated sessions and bypass multifactor authentication or other strong authentication requirements. The attacks observed by Mandiant aimed at professional services, technology, and government organizations. ” states Mandiant.

Authentication 92

Authentication VPN Hacking Government 92

Security Affairs

AUGUST 3, 2023

” Government experts warn that in 2022, most of the exploited flaws were older software vulnerabilities and that threat actors targeted unpatched, internet-facing systems. According to the advisory, threat actors generally have the most success exploiting known vulnerabilities within the first two years of public disclosure.

Authentication 82

Authentication VPN Hacking Internet 82

SecureList

NOVEMBER 23, 2023

VPN services on the rise A VPN creates an encrypted tunnel that effectively conceals user traffic from internet service providers and potential snoopers, thus reducing the number of parties that can access user data even on public Wi-Fi. This social media app is also banned from government devices in a number of countries worldwide.

VPN 102

VPN Scams Education Internet 102

Security Affairs

JUNE 13, 2023

. “A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiProxy SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.” If the customer is not operating SSL-VPN the risk of this issue is mitigated – however, Fortinet still recommends upgrading.”

Firewall 83

Firewall VPN Firmware Manufacturing 83

Security Affairs

AUGUST 26, 2021

Threat actors are targeting Pulse Connect Secure VPN devices exploiting multiple flaws, including CVE-2021-22893 and CVE-2021-22937. that allows remote authenticated attackers to execute arbitrary code as the root user via maliciously crafted meeting room. One file is designed to intercept certificate-based multi-factor authentication.

Malware 127

Malware VPN Authentication Hacking 127

SC Magazine

JUNE 3, 2021

However, the attackers exploited latent vulnerabilities in the Pulse Secure VPN software in use by the MTA, which allowed them to bypass authentication and execute code remotely. The attackers used the access to plant web shells on the VPN servers in MTA’s environment. in the future.”.

VPN 101

VPN Government Software Media 101

Security Affairs

AUGUST 2, 2020

and foreign government organizations. and foreign government organizations. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.” Consider installing and using a VPN. Use two-factor authentication with strong passwords.

Ransomware 130

Ransomware VPN Advertising Government 130

eSecurity Planet

AUGUST 28, 2023

In July, Ivanti’s Endpoint Manager Mobile (EPMM) saw the vulnerability CVE-2023-35078, exploited by threat actors who spied on the Norwegian government, and earlier this month Tenable researchers discovered vulnerability CVE-2023-32560, which affects Ivanti’s Avalanche supply chain device management solution.

VPN 98

VPN Authentication Mobile Firewall 98

The Last Watchdog

MAY 23, 2022

They require integrity, authentication, trusted identity and encryption. Protocols and policies setting new parameters for trusted connections are being hammered out and advanced encryption, authentication and data protection solutions are being ramped up. Related: Leveraging PKI to advance electronic signatures.

Digital transformation 214

Digital transformation Computers and Electronics Cybersecurity Encryption 214

eSecurity Planet

AUGUST 28, 2023

In July, Ivanti’s Endpoint Manager Mobile (EPMM) saw the vulnerability CVE-2023-35078, exploited by threat actors who spied on the Norwegian government, and earlier this month Tenable researchers discovered vulnerability CVE-2023-32560, which affects Ivanti’s Avalanche supply chain device management solution.

VPN 95

VPN Authentication Mobile Firewall 95

Security Affairs

APRIL 23, 2022

The VPN credentials for initial access are said to have been obtained from illicit websites like Russian Market with the goal of gaining control of T-Mobile employee accounts, ultimately allowing the threat actor to carry out SIM swapping attacks at will. ” wrote Krebs. – Source KrebsOnSecurity. .

Mobile 95

Mobile VPN Social Engineering Telecommunications 95

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4

Spyware 119

Spyware Manufacturing Small Business Surveillance 119

Webroot

OCTOBER 22, 2021

The most popular options include virtual private network (VPN) or remote desktop protocol (RDP). VPN works by initiating a secure connection over the internet through data encryption. One downside of using a VPN connection involves vulnerability. One downside of using a VPN connection involves vulnerability.

VPN 111

VPN Penetration Testing Education Security Awareness 111