Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 73

Cybercrime Hacking Artificial Intelligence Ransomware 73

Security Affairs

DECEMBER 1, 2024

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Cybercrime 73

Cybercrime Firewall Phishing Social Engineering 73

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. in its firewall devices. VPN ZLD V4.60

Firewall 98

Firewall Firmware VPN DDOS 98

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “The data includes: IPs. .

VPN 90

VPN Passwords Firewall Firmware 90

Security Affairs

FEBRUARY 15, 2025

CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug U.S. custody in exchange for Marc Fogel North Korea-linked APT Emerald Sleet is using a new tactic U.S.

Spyware 71

Spyware Firewall Artificial Intelligence Malware 71

Security Affairs

NOVEMBER 29, 2022

In early October, Fortinet addressed the critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. Now Cyble researchers reported more than 100,000 FortiGate firewalls accessible from the internet that may be targeted by threat actors if not patched yet.

VPN 104

VPN Firewall Authentication Internet 104

Security Affairs

JUNE 6, 2025

Update software : Keep your operating system, security software, and firewall up to date to patch vulnerabilities. Consider extra security layers : Use additional protection like a VPN for safer online activity. The following authorities participated in the Operation Magnus. payment info) may have been compromised.

Malware 88

Malware Passwords Identity Theft Government 88

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 71

Spyware Data breaches DNS Artificial Intelligence 71

Zero Day

JUNE 27, 2025

Router and firewall configuration: Your own routers and firewalls can help. If you don't have firewalls and intrusion prevention systems (IPS) that are tough enough to handle large traffic volumes without degrading performance, buy them. Block it already!

DDOS 97

DDOS Small Business Password Management Passwords 97

CyberSecurity Insiders

MARCH 21, 2021

With a VPN like Surfshark to encrypt your online traffic and keep it protected against any security breach, your valuable data isn’t going to get compromised easily anytime soon. Firewalls . Install hardware firewalls for the maximum level of network security. . Use a VPN to protect your online security and privacy.

Small Business 145

Small Business Cyber Attacks VPN Backups 145

Security Affairs

APRIL 2, 2020

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. ” reads the post published by Microsoft.

Ransomware 140

Ransomware VPN Healthcare Cyber Attacks 140

Security Affairs

JANUARY 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN 133

VPN Cybercrime Hacking Ransomware 133

Security Affairs

NOVEMBER 11, 2021

Iranian nation-state actors are attempting to buy info available for sale in the cybercrime underground to launch attacks against US organizations. Attackers also use to exploit the Kentico Content Management System (CVE-2019-10068) and used SQLmap to bypass Web Application Firewalls. .

VPN 114

VPN Cybercrime Firewall Passwords 114

Security Affairs

JANUARY 21, 2024

million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 Patch it now!

Hacking 131

Hacking Artificial Intelligence Firewall Malware 131

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 141

VPN Accountability Firewall Data breaches 141

Security Affairs

JUNE 6, 2025

in FortiOS SSL VPN was actively exploited in attacks in the wild. Threat actors exploit the flaws to create rogue admin or local users, modify firewall policies, and access SSL VPNs to gain access to internal networks. websocket module or via crafted CSF proxy requests.” reads the advisory.

Ransomware 78

Ransomware Authentication Healthcare Firewall 78

SecureWorld News

FEBRUARY 27, 2021

One of the major issues surrounds keeping remote workers protected against cybercrime. Within an office environment, workers have a number of protections, such as the company firewall and regularly updated infrastructure. Invest in a strong VPN. Without these protections, remote staff can potentially be vulnerable.

Cybercrime 59

Cybercrime Computers and Electronics VPN Firewall 59

Security Affairs

JANUARY 12, 2025

CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog Threat actors breached the Argentinas airport security police (PSA) payroll Moxa router flaws pose serious risks to industrial environmets US adds Tencent to the list of companies supporting Chinese military Eagerbee backdoor targets govt entities (..)

Data breaches 62

Data breaches Phishing Social Engineering Engineering 62

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. The affiliates used to deliver the threat via brute-forcing attacks on RDP servers or exploiting known vulnerabilities in VPN servers and firewalls. continues the alert.

Ransomware 135

Ransomware VPN Cybercrime Advertising 135

Identity IQ

MARCH 9, 2023

As a result, vulnerability to cybercrime is a serious concern. Use a VPN A VPN encrypts your traffic with military-grade encryption. A VPN also hides your IP address. Use a Firewall A firewall can help protect your computer from attacks by blocking incoming connections that are not authorized.

VPN 98

VPN Antivirus Identity Theft DNS 98

SecureWorld News

AUGUST 28, 2024

or apply the latest hotfixes; Emphasizing the importance of following their system hardening and firewall guidelines, which have been available since 2015 and 2017, respectively. Versa Networks has responded to the threat by: Releasing patches for affected versions of Versa Director; Advising customers to upgrade to version 22.1.4

Firewall 108

Firewall VPN Accountability Internet 108

Security Affairs

JULY 5, 2021

Implement allowlisting to limit communication with remote monitoring and management (RMM) capabilities to known IP address pairs, and/or Place administrative interfaces of RMM behind a virtual private network (VPN) or a firewall on a dedicated administrative network.

Ransomware 139

Ransomware Backups Firewall VPN 139

Security Affairs

APRIL 3, 2022

Sophos Firewall affected by a critical authentication bypass flaw Mar 20- Mar 26 Ukraine – Russia the silent cyber conflict Security Affairs newsletter Round 358 by Pierluigi Paganini Western Digital addressed a critical bug in My Cloud OS 5 CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog.

Firewall 98

Firewall Hacking DDOS Scams 98

Security Affairs

MAY 27, 2023

New Buhti ransomware operation uses rebranded LockBit and Babuk payloads New PowerExchange Backdoor linked to an Iranian APT group Dark Frost Botnet targets the gaming sector with powerful DDoS New CosmicEnergy ICS malware threatens energy grid assets D-Link fixes two critical flaws in D-View 8 network management suite Zyxel firewall and VPN devices (..)

Cybercrime 98

Cybercrime Ransomware Malware Hacking 98

Security Affairs

APRIL 7, 2022

Palo Alto Networks addressed a high-severity OpenSSL infinite loop vulnerability, tracked as CVE-2022-0778 , that affects some of its firewall, VPN, and XDR products. For PAN-OS software, this includes both hardware and virtual firewalls and Panorama appliances as well as Prisma Access customers,” the company said.

Firewall 102

Firewall Cybercrime VPN Software 102

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware 80

Ransomware VPN Cybercrime Accountability 80

Malwarebytes

MAY 13, 2021

If you have to use public WiFi hotspots, it’s wise to also use a VPN to keep your activity private while you use that connection. A VPN wraps your network traffic (including web browsing, email, and other things) in a protective tunnel and makes up for any weaknesses in their encryption. Always change default passwords.

Wireless 120

Wireless VPN Internet Internet 120

Security Affairs

MARCH 21, 2023

“Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN. With VPN/Firewall attackers from open internet cannot access your server and exploit it. If your server was breached please reinstall the whole server including operation system.” ” continues the notice.

Cryptocurrency 98

Cryptocurrency VPN Manufacturing Firewall 98

Security Affairs

OCTOBER 29, 2024

Update software : Keep your operating system, security software, and firewall up to date to patch vulnerabilities. Consider extra security layers : Use additional protection like a VPN for safer online activity. The following authorities participated in the Operation Magnus. payment info) may have been compromised.

Identity Theft 98

Identity Theft Passwords Malware Banking 98

Security Affairs

MAY 24, 2024

For instance, suppose firewall manufacturer ACME Inc. For instance, suppose firewall manufacturer ACME Inc. Fortinet Fortinet has introduced the “FortiGuard DDNS” service in its FortiGate firewall products.

DNS 138

DNS Manufacturing Firewall Internet 138

Security Affairs

APRIL 19, 2024

In December 2023, Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware.

Energy and Utilities 134

Energy and Utilities Telecommunications Technology Government 134

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. The affiliates used to deliver the threat via brute-forcing attacks on RDP servers or exploiting known vulnerabilities in VPN servers and firewalls. continues the alert.

Ransomware 89

Ransomware VPN Cybercrime Advertising 89

SecureWorld News

DECEMBER 1, 2023

If remote access is necessary, implement a Firewall/VPN in front of the PLC to control network access to the remote PLC. A VPN or gateway device can enable multifactor authentication for remote access even if the PLC does not support multifactor authentication. Disconnect the PLC from the open internet.

Energy and Utilities 117

Energy and Utilities VPN Authentication Passwords 117

Security Affairs

JANUARY 3, 2021

HackerOne announces first bug hunter to earn more than $2M in bug bounties SolarWinds releases updated advisory for SUPERNOVA backdoor Vermont Hospital confirmed the ransomware attack E-commerce app 21 Buttons exposes millions of users data Finland confirms that hackers breached MPs emails accounts Multi-platform card skimmer targets Shopify, BigCommerce, (..)

Data breaches 104

Data breaches Mobile Firewall Ransomware 104

CyberSecurity Insiders

JUNE 13, 2023

Avoid sharing sensitive information on public Wi-Fi networks and use a virtual private network (VPN) when connecting to public networks. Be Skeptical of Phishing Attempts: Phishing is a prevalent cybercrime technique that involves tricking individuals into divulging their sensitive information.

Cybersecurity 93

Cybersecurity Education Cyber threats Backups 93

SecureWorld News

JULY 15, 2024

Cybersecurity professionals should read the terms of service for any antivirus, VPN, or firewall software they are using. Cybercrime is a human problem," Kelso said. "If "Many companies like Kaspersky and Trend Micro are not based in the U.S., which means these companies fall under the jurisdiction of the host country.

Cybersecurity 113

Cybersecurity Antivirus Government Software 113

Security Affairs

NOVEMBER 15, 2023

VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points. .” Rhysida actors have been observed leveraging external-facing remote services (e.g.

Ransomware 137

Ransomware Manufacturing Healthcare Education 137