Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 113

VPN Cybercrime Ransomware Hacking 113

Security Affairs

MAY 12, 2024

Ohio Lottery data breach impacted over 538,000 individuals Notorius threat actor IntelBroker claims the hack of the Europol A cyberattack hit the US healthcare giant Ascension Google fixes fifth actively exploited Chrome zero-day this year Russia-linked APT28 targets government Polish institutions Citrix warns customers to update PuTTY version installed (..)

Data breaches 87

Data breaches VPN Hacking Banking 87

Security Affairs

JANUARY 21, 2024

million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 Patch it now!

Artificial Intelligence 105

Artificial Intelligence VPN Hacking Firewall 105

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 108

Data breaches Small Business Hacking Malware 108

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country.

Ransomware 117

Ransomware Backups VPN Authentication 117

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 105

Data breaches Phishing Ransomware Malware 105

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country.

Ransomware 94

Ransomware Backups VPN Authentication 94

Security Affairs

MARCH 21, 2022

Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Notably, the actors are looking to buy remote VPN access and asking potential insiders to contact them privately via Telegram, they then reward them by paying for the access granted.

Hacking 97

Hacking Telecommunications InfoSec Cybercrime 97

Security Affairs

DECEMBER 14, 2023

anti-cybercrime (Ofac).” cybersecurity and intelligence authorities. The group used various attack methods, including malspam campaigns, vulnerable RDP servers, and compromised VPN credentials. The international operation was conducted with the cooperation of Europol and Eurojust.

Ransomware 120

Ransomware Cryptocurrency Cybercrime VPN 120

Security Affairs

APRIL 23, 2022

The popular investigator and journalist Brian Krebs first surmised that the LAPSUS$ gang has breached T-Mobile after he reviewed a copy of the private chat messages between members of the cybercrime group. Telegram channels that were restricted to the core seven members of the group – Source KrebsonSecurity. ” wrote Krebs.

Mobile 99

Mobile VPN Social Engineering Telecommunications 99

Security Affairs

JULY 18, 2021

Read more at [link] #Cybersecurity #InfoSec #Ransomware — US-CERT (@USCERT_gov) July 15, 2021. Other groups targeted known vulnerabilities in SonicWall devices in the past, such as the UNC2447 cybercrime gang that exploited the CVE-2021-20016 zero-day bug in SonicWall SMA 100 Series VPN appliances to deliver the FiveHands ransomware.

Ransomware 121

Ransomware Firmware Mobile InfoSec 121

Security Affairs

MAY 9, 2023

Researchers warn of a new ransomware family called CACTUS that exploits known vulnerabilities in VPN appliances to gain initial access to victims’ networks. The new ransomware operation has been active since March 2023, despite the threat actors use a double-extortion model, their data leak site has yet to be discovered.

Ransomware 84

Ransomware VPN Antivirus Encryption 84

Security Affairs

MAY 17, 2023

The role of an initial access broker is essential in the cybercrime ecosystem, these actors facilitate the sale or exchange of compromised or stolen initial access to computer networks or systems. What if our VPN had a vulnerability and an attacker leveraged that to gain credentials for a privileged user in R&D?

Energy and Utilities 96

Energy and Utilities Cybercrime Data collection VPN 96

Security Affairs

AUGUST 10, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. “Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account. ” reads the analysis published by Cisco Talos.

Ransomware 123

Ransomware Hacking VPN Phishing 123

Security Affairs

AUGUST 21, 2020

The Federal Bureau of Investigation ( FBI ) and the Cybersecurity and Infrastructure Security Agency ( CISA ) have issued a joint security advisory to warn teleworkers of an ongoing vishing campaign targeting organizations from multiple US industry industries.

Social Engineering 124

Social Engineering VPN Phishing Authentication 124

Security Affairs

JANUARY 24, 2024

In January 2024, the Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices. .” concludes the update.

Ransomware 115

Ransomware VPN Government Retail 115

Security Affairs

APRIL 10, 2023

.” DEV-1084 presented itself as cybercrime group likely as an attempt to hide its real motivation of a nation-state actor. Both groups used MULLVAD VPN. Microsoft provides mitigations for destructive attacks to secure on-prem environment and Azure AD environment. DEV-1084 used Rport and a customized version of Ligolo.

Ransomware 95

Ransomware Cybercrime VPN Education 95

Security Affairs

APRIL 21, 2024

The cybersecurity researchers observed threat actors obtaining initial access to organizations through a virtual private network (VPN) service without multifactor authentication (MFA) configured. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 113

Ransomware Encryption Antivirus VPN 113

Security Affairs

SEPTEMBER 12, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. The attacker ultimately succeeded in achieving an MFA push acceptance, granting them access to VPN in the context of the targeted user. .

Ransomware 105

Ransomware VPN Authentication Phishing 105

Security Affairs

MAY 17, 2022

He has also advertised Jigsaw ransomware and collaborated with multiple actors selling compromised RDP and VPN access to various networks including drumrlu as confirmed by Resecurity and KELA. ” Zagala designed multiple ransomware and sold or rented them in the cybercrime ecosystem. .

Ransomware 95

Ransomware Cybercrime VPN Malware 95

Security Affairs

DECEMBER 3, 2022

Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)

Spyware 97

Spyware Data breaches VPN Hacking 97

Security Affairs

APRIL 7, 2022

Palo Alto Networks addressed a high-severity OpenSSL infinite loop vulnerability, tracked as CVE-2022-0778 , that affects some of its firewall, VPN, and XDR products. The cybersecurity vendor added that this vulnerability does not impact its Prisma Cloud and Cortex XSOAR products. SecurityAffairs – hacking, cybercrime).

Firewall 98

Firewall VPN Cybercrime Software 98

Security Affairs

MARCH 16, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) added 15 new flaws to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog.

VPN 97

VPN Network Security Hacking Cybersecurity 97

Security Affairs

AUGUST 26, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. The flaw received a CVSS score of 9.1,

Malware 127

Malware VPN Authentication Hacking 127

Security Affairs

MAY 17, 2022

Most of the malicious apps were VPN software (42), followed by Camera (20), and Photo Editing (13). “Facestealer apps are disguised as simple tools — such as virtual private network (VPN), camera, photo editing, and fitness apps — making them attractive lures to people who use these types of apps.

Spyware 96

Spyware Cryptocurrency VPN Malware 96

Security Affairs

MAY 24, 2024

The use of Dynamic DNS (DDNS) services embedded in appliances, such as those provided by vendors like Fortinet or QNAP, carries cybersecurity implications. Advisory on security impacts related to the use of TLS in proprietary vendor Dynamic DNS (DDNS) services. It increases the discoverability of customer devices by attackers.

DNS 119

DNS Manufacturing Firewall Internet 119

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a virtual private network (VPN). Disable hyperlinks in received emails.

Ransomware 113

Ransomware Antivirus Passwords Malware 113

Security Affairs

MARCH 21, 2020

Cybersecurity blogger Brian Krebs reported that the company suffered a security breach that led to the disruption of some services. We will keep you fully informed as we progress.” SecurityAffairs – Finastra, cybercrime). billion in revenues. Travelex deja vu? Pierluigi Paganini.

Cyber Attacks 123

Cyber Attacks Data breaches Advertising Ransomware 123

Security Affairs

MAY 9, 2021

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S.

Data breaches 96

Data breaches DDOS VPN Hacking 96

Security Affairs

JANUARY 27, 2020

“Strong and effective partnerships between police and the cybersecurity industry are essential to ensure law enforcement worldwide has access to the information they need to address the scale and complexity of today’s cyberthreat landscape. INTERPOL’s Director of Cybercrime. ” Craig Jones. ” Craig Jones.

Cybercrime 82

Cybercrime Marketing eCommerce Mobile 82

Security Affairs

JUNE 20, 2021

New Device Fingerprint Spoofing Tool Available in Dark Web The source code of the Paradise Ransomware was leaked on XSS hacking forum Fujifilm restores operations after recent ransomware attack Cyberium malware-hosting domain employed in multiple Mirai variants campaigns A flaw in Peloton Bike+ could allow hackers to control it An international joint (..)

Data breaches 103

Data breaches DDOS Small Business Ransomware 103

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Focus on cyber security awareness and training.

Ransomware 105

Ransomware DDOS Passwords Backups 105

Security Affairs

JULY 9, 2021

Bloomberg was informed about the payment by two people familiar with the attack. The systems at the company were infected with the Phoenix Locker, a variant of ransomware tracked as Hades that was part of the arsenal of the cybercrime group known as Evil Corp.

Data breaches 143

Data breaches Insurance Ransomware Identity Theft 143

Security Affairs

OCTOBER 24, 2021

Supply-chain attack on NPM Package UAParser, which has millions of daily downloads Facebook SSRF Dashboard allows hunting SSRF vulnerabilities Groove ransomware group calls on other ransomware gangs to hit US public sector DarkSide ransomware operators move 6.8M

Artificial Intelligence 58

Artificial Intelligence Ransomware Hacking VPN 58

Security Affairs

JANUARY 23, 2022

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. from the Lympo NTF platform.

VPN 87

VPN Ransomware Spyware DDOS 87

Security Affairs

JANUARY 14, 2022

The gang was also providing VPN-like services used by other cybercriminal organizations to carry out malicious activities used to deliver malware to the target organization. Source SSU. The law enforcement arrested the leader of the group, a 36-year-old man that lives in Kyiv, along with his wife and three other acquaintances.

Ransomware 119

Ransomware DDOS Telecommunications Malware 119

Security Affairs

NOVEMBER 15, 2023

FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware 120

Ransomware Manufacturing Healthcare Education 120