Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 83

Firewall VPN Firmware Internet 83

Security Affairs

OCTOBER 17, 2023

Sandworm were observed targeting open ports and unprotected RDP or SSH interfaces to gain access to the internet-facing systems. ’ The CERT-UA also reported that the state-sponsored hackers used compromised VPN accounts that weren’t protected by multi-factor authentication. “Note (!) .’ “Note (!)

Telecommunications 106

Telecommunications Authentication Data collection Passwords 106

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 107

VPN Cybercrime Ransomware Hacking 107

Security Affairs

JANUARY 17, 2024

The vulnerability CVE-2023-6548 is an authenticated (low privileged) remote code execution affecting Management Interface. The vendor recommends that customers do not expose the management interface to the internet, as explained in the secure deployment guide. ” reads the advisory. and later releases of 13.1

VPN 108

VPN Software Authentication Internet 108

Security Affairs

DECEMBER 29, 2022

CVE-2022-27510 flaw is an authentication bypass using an alternate path or channel. The vendor pointed out that only appliances that are operating as a Gateway (appliances using the SSL VPN functionality or deployed as an ICA proxy with authentication enabled) are impacted. . version that’s not impacted by the two flaws.

VPN 95

VPN Internet Internet Authentication 95

Security Affairs

DECEMBER 3, 2023

Zyxel addressed tens of vulnerabilities that expose users to cyber attacks, including command injection and authentication bypass. CVE-2023-5960 – An improper privilege management vulnerability in the hotspot feature of some firewall versions could allow an authenticated local attacker to access the system files on an affected device.

Firewall 105

Firewall Authentication VPN Cyber Attacks 105

Security Affairs

AUGUST 3, 2023

” Government experts warn that in 2022, most of the exploited flaws were older software vulnerabilities and that threat actors targeted unpatched, internet-facing systems. According to the advisory, threat actors generally have the most success exploiting known vulnerabilities within the first two years of public disclosure.

Authentication 82

Authentication VPN Internet Internet 82

Security Affairs

JANUARY 18, 2024

Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP. The vulnerability CVE-2023-6548 is an authenticated (low privileged) remote code execution affecting Management Interface.

Authentication 116

Authentication VPN Software Engineering 116

Security Affairs

APRIL 19, 2022

UPnP is an insecure protocol, it uses network UDP multicasts, and doesn’t support encryption and authentication. ” The vendor also recommends enabling the VPN server function on the user router to access QNAP NAS from the Internet. Only use encrypted HTTPS or other types of secure connections (SSH, etc.).

VPN 103

VPN Internet Internet Firewall 103

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Social Engineering 118

Social Engineering VPN Phishing Authentication 118

Security Affairs

AUGUST 29, 2021

. “Multiple vulnerabilities allow remote attackers to conduct denial-of-service attack or possibly execute arbitrary code via a susceptible version of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), VPN Plus Server or VPN Server.” ” reads the advisory published by the company.

VPN 121

VPN Encryption Authentication Hacking 121

Security Affairs

AUGUST 17, 2021

An authenticated attacker could execute arbitrary commands as the root user on the underlying system via the SAML server configuration page. Experts pointed out that the flaw could be chained with an authentication bypass flaw that could allow an attacker. The vulnerability impacts Fortinet FortiWeb versions 6.3.11

Authentication 98

Authentication VPN Internet Internet 98

eSecurity Planet

AUGUST 22, 2023

The technologies for secure remote access can range from VPNs and multi-factor authentication to more advanced access and zero trust controls. We’ll cover a range of best practices for remote access security, from the simple and the practical to the more advanced.

Passwords 75

Passwords Authentication Encryption VPN 75

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications 95

Telecommunications Authentication Passwords Accountability 95

Security Affairs

MARCH 21, 2023

The hackers were also able to turn off the two-factor authentication (2FA). On March 17-18th, 2023, GENERAL BYTES experienced a security incident. “Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN. ” continues the notice.

Cryptocurrency 79

Cryptocurrency VPN Manufacturing Firewall 79

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 86

VPN Firewall Firmware Authentication 86

Security Affairs

APRIL 30, 2021

These are essential elements of implementing a Zero Trust strategy for IoT/OT. • Reduce the attack surface by eliminating unnecessary internet connections to OT control systems and implementing VPN access with multi-factor authentication (MFA) when remote access is required.

IoT 107

IoT VPN Firewall Risk 107

Security Affairs

APRIL 8, 2022

Authentication. Two-factor authentication is another important security measure for the cloud era. Increasingly, passwordless authentication is becoming the norm. Not all providers are created equal, and it’s important to do your research to find one that will meet your specific needs and security requirements.

Cybersecurity 101

Cybersecurity Passwords Penetration Testing Encryption 101

Security Affairs

OCTOBER 22, 2022

The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server. In another compromise, the group leveraged on compromised credentials to access a legacy VPN server.

Ransomware 69

Ransomware VPN Cybercrime Accountability 69

Security Affairs

MAY 9, 2022

The Jester stealer is able to steal credentials and authentication tokens from Internet browsers, MAIL/FTP / VPN clients, cryptocurrency wallets, password managers, messengers, game programs, and more.

Password Management 83

Password Management VPN Cryptocurrency Government 83

Security Affairs

OCTOBER 10, 2019

A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. MR-5 and earlier was recently discovered and responsibly disclosed to Sophos by an external security researcher.” ” reads the advisory published by Sophos.

Firewall 81

Firewall VPN Passwords Internet 81

Security Affairs

SEPTEMBER 3, 2021

. “Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Use multifactor authentication with strong pass phrases where possible.

Ransomware 97

Ransomware Passwords Backups Firmware 97

Malwarebytes

SEPTEMBER 3, 2021

.” Internet of Things. Agriculture may not be the first industry you associate with cybersecurity problems, but we all need to aware of the risks created by connecting this ancient part of our food supply chain to the Internet. The state of IoT is poor enough as it is, security wise. Consider installing and using a VPN.

Ransomware 139

Ransomware Manufacturing Passwords Internet 139

Security Affairs

MAY 25, 2023

In order to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. Volt Typhoon targets internet-facing Fortinet FortiGuard devices to achieve initial access to targeted organizations. ” continues the report.

Accountability 75

Accountability VPN Manufacturing Firewall 75

Security Affairs

JUNE 19, 2020

The CVE-2020-4529 could allow an authenticated attacker to send unauthorized requests from a system, potentially leading to other attacks, such as network enumeration, “IBM Maximo Asset Management is vulnerable to server side request forgery (SSRF). ” reads the security advisory. .

VPN 95

VPN Advertising Authentication Passwords 95

Security Affairs

JANUARY 19, 2021

The threat actors are using Voice over Internet Protocol (VoIP) platforms to obtain employees’ credentials. The alert reports the case of an attack in which cyber criminals found an employee via the company’s chatroom, and tricked him into logging into the fake VPN page. ” reads the FBI alert.

Accountability 101

Accountability VPN Social Engineering Phishing 101

Security Affairs

JULY 8, 2021

Critical) Update available CVE-2020-7387 CWE-200 : Exposure of Sensitive Information to an Unauthorized Actor in AdxAdmin 5.3 Medium) Update available CVE-2020-7389 CWE-306 Missing Authentication for Critical Function in Developer Environment in Syracuse 5.5 CVE-2020-7390 CWE-79 : Persistent Cross-Site Scripting (XSS) in Syracuse 4.6

Hacking 107

Hacking Authentication VPN Software 107

The Last Watchdog

MARCH 6, 2020

For many Chief Information Security Officers, having the CEO’s ear, at the moment, is proving to be a double-edged sword, Pollard told me. “We As part of the rush to leverage the Internet cloud to transact with remote workers, third-partner suppliers and customers, companies opened up endless fresh attack vectors.

CISO 185

CISO VPN Digital transformation Internet 185

Security Affairs

MARCH 16, 2022

As Duo’s default configuration settings allow for the re-enrollment of a new device for dormant accounts, the actors were able to enroll a new device for this account, complete the authentication requirements, and obtain access to the victim network.” ” reads the joint advisory. ” continues the analysis.

Accountability 92

Accountability Passwords Authentication Firmware 92

Security Affairs

OCTOBER 1, 2020

.” The US CISA agency also published a security advisory to warn of risks associated with the successful exploitation of the flaws in the B&R Automation systems. Also recognize that VPN is only as secure as the connected devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising 109

Advertising Authentication VPN Firewall 109

Security Affairs

APRIL 3, 2022

Sophos Firewall affected by a critical authentication bypass flaw Mar 20- Mar 26 Ukraine – Russia the silent cyber conflict Security Affairs newsletter Round 358 by Pierluigi Paganini Western Digital addressed a critical bug in My Cloud OS 5 CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog. And how to prevent it?

Firewall 78

Firewall Hacking DDOS VPN 78

Security Affairs

DECEMBER 8, 2019

Europol seized 30,506 Internet domain names for IP Infringement. A flaw in Microsoft OAuth authentication could lead Azure account takeover. CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems. OpenBSD addresses authentication bypass, privilege escalation issues. The evolutions of APT28 attacks.

Advertising 54

Advertising DDOS VPN Authentication 54

Security Affairs

APRIL 21, 2020

The increasing number of news articles circulating on the internet in the wake of COVID-19 has resulted in the rise of Phishing attacks which feed on people’s fears. Authentic emails from verified sources would not require this. Trusted Resources for Collecting Information about COVID-19. About the author Rohail Abrahani.

Scams 101

Scams Phishing Artificial Intelligence VPN 101

Security Affairs

MAY 7, 2021

Such lapses in database security can (and often do) lead to hundreds of millions of people having their personal information exposed on the internet, allowing threat actors to use that data for a variety of malicious purposes, including phishing and other types of social engineering attacks , as well as identity theft.

Passwords 129

Passwords Authentication Identity Theft Engineering 129

SC Magazine

APRIL 26, 2021

As critical infrastructure facilities increasingly converge their IT and OT systems, visibility into traditionally isolated operational systems is turning into a key security challenge. The same philosophy applies to ABCWUA’s installation of its cloud-based enterprise network security software.

CISO 82

CISO IoT VPN InfoSec 82

Security Affairs

JUNE 23, 2020

According to Cyberintelligence firm Bad Packets , hackers allegedly exploited the CVE-2019-19781 vulnerability in the Citrix Netscaler ADC VPN gateway exposed by Indiabulls. Below one of the snapshots leaked by the CLOP ransomware operators as proof of the hack.

Hacking 102

Hacking Ransomware Banking Mobile 102

Security Affairs

SEPTEMBER 10, 2020

Equinix, one of the world’s largest providers of colocation data centers and Internet connection announced it was hit by Netwalker Ransomware. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Use two-factor authentication with strong passwords.

Ransomware 107

Ransomware VPN Data breaches Advertising 107