Remove Authentication Remove Malware Remove VPN
article thumbnail

China-linked actor’s malware DeepData exploits FortiClient VPN zero-day

Security Affairs

Chinese threat actors use custom post-exploitation toolkit ‘DeepData’ to exploit FortiClient VPN zero-day and steal credentials. Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware.

VPN 118
article thumbnail

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN 133
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft Authenticator will soon ditch passwords for passkeys - here's what to do

Zero Day

PT ZDNET Those of you who use Microsoft Authenticator as a password manager will have to find another option, and soon. PT ZDNET Those of you who use Microsoft Authenticator as a password manager will have to find another option, and soon. Beginning in July, you'll no longer be able to autofill passwords with Authenticator.

article thumbnail

Why SMS two-factor authentication codes aren't safe and what to use instead

Zero Day

Those codes are supposed to serve as two-factor authentication to confirm our identity and prevent scammers from accessing our accounts through a password alone. Here's how it happened and why it's a problem. Written by Lance Whitney, Contributor June 17, 2025 at 11:25 a.m.

article thumbnail

U.S. Offers $10M bounty for info on RedLine malware creator and state hackers

Security Affairs

offers up to $10M for info on state hackers linked to RedLine malware and its creator, Maxim Rudometov, tied to attacks on U.S. “Maxim Alexandrovich Rudometov (Максим Александрович Рудомётов), born in 1999 in the Luhansk region of Ukraine, developed and has sold “information stealer” malware known as RedLine.”

Malware 87
article thumbnail

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software.

Backups 130
article thumbnail

Multiple malware used in attacks exploiting Ivanti VPN flaws

Security Affairs

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN 136