Cybercrime, Information Security, Technology and VPN

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. Europol said.

VPN

VPN Cybercrime Ransomware Advertising

Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS

DDOS VPN Data breaches Cybercrime

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

The Last Watchdog

OCTOBER 24, 2022

. • Create security awareness for employees. One of the most important ways to protect against data breaches is to increase employee security awareness. Employees are the first line of defense against cybercrime and should understand how to recognize phishing emails and what to do if they suspect them. Use a corporate VPN.

Passwords

Passwords Security Awareness Data breaches Cybersecurity

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft

Identity Theft VPN Malware Ransomware

Law enforcement operation dismantled 911 S5 botnet

Security Affairs

MAY 30, 2024

Since 2011, Wang and his co-conspirators had been distributing malware through malicious VPN applications, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN. The FBI has published information at fbi.gov/911S5 to help identify and remove 911 S5’s VPN applications from your devices or machines.

VPN

VPN Cryptocurrency Malware Software

Lapsus$ gang claims to have hacked Microsoft source code repositories

Security Affairs

MARCH 21, 2022

Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories.

Hacking

Hacking Telecommunications InfoSec Cybercrime

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware

Ransomware VPN Cybercrime Accountability

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Telecommunications Technology Government

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Security Affairs

MAY 24, 2024

In this advisory, I aim to explore how implementing a specific security technological combination (TLS and DDNS) negatively influences the overall security, inadvertently creating opportunities for attackers to exploit weaknesses on a massive scale. For instance, suppose firewall manufacturer ACME Inc.

DNS

DNS Manufacturing Firewall Internet

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

anti-cybercrime (Ofac).” The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Cryptocurrency Cybercrime VPN

Lapsus$ extortion gang leaked the source code for some Microsoft projects

Security Affairs

MARCH 22, 2022

Microsoft recently announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Now the cybercrime gang claims to have leaked the source code for some Microsoft projects, including Bing and Cortana.

Cybercrime

Cybercrime Telecommunications VPN Hacking

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Security Affairs

MARCH 23, 2022

Yesterday the cybercrime gang leaked 37GB of source code stolen from Microsoft’s Azure DevOps server. virtual private network (VPN), remote desktop protocol (RDP), virtual desktop infrastructure (VDI) including Citrix, or Identity providers (including Azure Active Directory, Okta)). ” continues the analysis.

Accountability

Accountability VPN Social Engineering Hacking

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Ransomware

Ransomware Hacking Engineering Manufacturing

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

Tietoevry is a Finnish multinational information technology (IT) and consulting company that provides managed services and cloud hosting for the enterprise. The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices.

Ransomware

Ransomware VPN Government Retail

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

NOVEMBER 20, 2023

On November 17, the library announced it was experiencing a major technology outage caused by a cyber-attack. We’re continuing to experience a major technology outage as a result of a cyber-attack, affecting our website, online systems and services, and some onsite services too. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Cyber Attacks Manufacturing Healthcare

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike.

Hacking

Hacking VPN Advertising Financial Services

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Hacking

Hacking Ransomware Manufacturing Healthcare

Security Affairs newsletter Round 326

Security Affairs

AUGUST 8, 2021

Ivanti fixed a critical code execution issue in Pulse Connect Secure VPN RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna VMware addresses critical flaws in its products CVE-2021-20090 actively exploited to target millions of IoT devices worldwide RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE.

VPN

VPN Ransomware Manufacturing IoT

UK Fintech company Finastra hit by a cyber attack

Security Affairs

MARCH 21, 2020

The financial technology firm Finastra announced it has suffered a ransomware attack that took down its some of its systems. Finastra , the UK leading financial technology provider, announced that some of its servers were shut down in response to a ransomware attack that the company detected. SecurityAffairs – Finastra, cybercrime).

Cyber Attacks

Cyber Attacks Data breaches Advertising Ransomware

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Ransomware

Ransomware Hacking Manufacturing Healthcare

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Healthcare Education

Leveraging Cybersecurity Strategy to Enhance Data Protection Strategy

BH Consulting

JUNE 20, 2023

One may know what the term VPN means, but what about when a VPN should be used and more importantly – not used, and what are the risks of using a VPN versus the benefits. and I appreciate that most global privacy laws are typically technology agnostic – however their interpretation and implementation is not.

Cybersecurity

Cybersecurity Information Security VPN Authentication

The Black Basta ransomware gang hit multinational company ABB

Security Affairs

MAY 12, 2023

Swiss electrification and automation technology giant ABB suffered a Black Basta ransomware attack that impacted its business operations. Swiss multinational company ABB, a leading electrification and automation technology provider, it the last victim of the notorious Black Basta ransomware group. billion in revenue for 2022.

Ransomware

Ransomware VPN Hacking Technology

Researchers released a free decryption tool for the Rhysida Ransomware

Security Affairs

FEBRUARY 12, 2024

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Encryption VPN Manufacturing

Industrial automation giant ABB disclosed data breach after ransomware attack

Security Affairs

MAY 28, 2023

Swiss electrification and automation technology giant ABB confirmed it has suffered a data breach after a ransomware attack. On May 7, 2023, the Swiss multinational company, leading electrification and automation technology provider, suffered a cyber attack that reportedly impacted its business operations. billion in revenue for 2022.

Data breaches

Data breaches Ransomware VPN Hacking

Analyzing IP Addresses to Prevent Fraud for Enterprises

Security Affairs

SEPTEMBER 20, 2022

In recent years, users have seen the unsettling results of monitoring technologies, hyper-personalization, and big data. As a result, the number of people using these technologies to camouflage themselves online has grown, both regular internet users and people looking to scam others. Pierluigi Paganini.

Internet

Internet Internet Risk Big data

Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world

Security Affairs

JANUARY 27, 2020

This successful operation is just one example of how law enforcement are working with industry partners, adapting and applying new technologies to aid investigations and ultimately reduce the global impact of cybercrime,» concluded Mr Jones.” INTERPOL’s Director of Cybercrime. ” Craig Jones. ” Idam Wasiadi.

Cybercrime

Cybercrime Marketing eCommerce Mobile

Hive Ransomware Tor leak site apparently seized by law enforcement

Security Affairs

JANUARY 26, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware VPN Manufacturing Healthcare

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Security Affairs

NOVEMBER 18, 2022

The authorities reported that from June 2021 through at least November 2022, threat actors employed the Hive ransomware in attacks aimed at a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware VPN Manufacturing Healthcare

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

. “As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Financial Services Passwords VPN

+60,000 Android apps spotted hiding adware for past six months

Security Affairs

JUNE 7, 2023

The researchers discovered the hidden adware by using a recently announced anomaly detection technology incorporated into Bitdefender Mobile Security. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices.

Adware

Adware Mobile Malware Advertising

Security Affairs newsletter Round 343

Security Affairs

DECEMBER 5, 2021

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users German BSI agency warns of ransomware attacks over Christmas holidays Cuba ransomware gang hacked 49 US critical infrastructure organizations CISA warns of vulnerabilities in Hitachi Energy products NSO Group spyware used to compromise iPhones of 9 US State Dept officials (..)

Spyware

Spyware Ransomware Hacking VPN

Hive ransomware gang starts leaking data allegedly stolen from Tata Power

Security Affairs

OCTOBER 25, 2022

Threat actors hit the Information Technology (IT) infrastructure of the company. The company confirmed that the security breach impacted “some of its IT systems.”. The group used a variety of attack methods, including malspam campaigns, vulnerable RDP servers, and compromised VPN credentials. key files.

Ransomware

Ransomware Data breaches Cyber Attacks Engineering

Threats to ICS and industrial enterprises in 2022

SecureList

NOVEMBER 23, 2021

The debate about which threats pose the most danger to industrial enterprises often revolves around comparisons between APTs and cybercrime. And plans to improve information security and introduce new protection tools and measures are predicated, in some way, on the chosen adversary model. Actions of various attacker categories.

Spyware

Spyware Phishing Cybercrime Energy and Utilities

Experts warn of anomalous spyware campaigns targeting industrial firms

Security Affairs

JANUARY 21, 2022

“Curiously, corporate antispam technologies help the attackers stay unnoticed while exfiltrating stolen credentials from infected machines by making them ‘invisible’ among all the garbage emails in spam folders.” ” continues the report.

Spyware

Spyware Accountability Social Engineering Phishing

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. The past year — a harrowing period for the world economy — culminated in the spike of cybercrime. The most severe financial damage has occurred as a result of ransomware activity.

Banking

Banking Ransomware Phishing Marketing

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

Mikko Hypponen joins The Hacker Mind to discuss cybercrime unicorns, the fog of cyber war that surrounds the Ukrainian war with its much larger neighbor, and of course Mikko’s new book, If it’s Smart, it’s Vulnerable. Vamosi: The slogan of the RSA Conference is “Where the World Talks Security,” and, in general.

Cybercrime

Cybercrime Government Ransomware Hacking

Cisco’s CISO of the Month – Esmond Kane

Cisco Security

JUNE 25, 2021

Eventually, I was presented with an opportunity to focus on security around a decade ago and I jumped right in. The economic impact of cybercrime had finally reached the breaking point that it needed dedicated practitioners and as the go-to for cybersecurity everywhere I had worked, it was a natural evolution.

CISO

CISO Healthcare InfoSec Computers and Electronics

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition

Webinars

Trending Sources

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

Webinars

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Law enforcement operation dismantled 911 S5 botnet

Lapsus$ gang claims to have hacked Microsoft source code repositories

Daixin Team targets health organizations with ransomware, US agencies warn

FBI chief says China is preparing to attack US critical infrastructure

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

French authorities arrested a Russian national for his role in the Hive ransomware operation

Lapsus$ extortion gang leaked the source code for some Microsoft projects

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Rhysida ransomware gang claimed China Energy hack

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Rhysida ransomware gang is auctioning data stolen from the British Library

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs newsletter Round 326

UK Fintech company Finastra hit by a cyber attack

Rhysida ransomware group hacked King Edward VII’s Hospital in London

FBI and CISA warn of attacks by Rhysida ransomware gang

Leveraging Cybersecurity Strategy to Enhance Data Protection Strategy

The Black Basta ransomware gang hit multinational company ABB

Researchers released a free decryption tool for the Rhysida Ransomware

Industrial automation giant ABB disclosed data breach after ransomware attack

Analyzing IP Addresses to Prevent Fraud for Enterprises

Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world

Hive Ransomware Tor leak site apparently seized by law enforcement

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

+60,000 Android apps spotted hiding adware for past six months

Security Affairs newsletter Round 343

Hive ransomware gang starts leaking data allegedly stolen from Tata Power

Threats to ICS and industrial enterprises in 2022

Experts warn of anomalous spyware campaigns targeting industrial firms

Group-IB Hi-Tech Crime Trends 2020/2021 report

The Hacker Mind Podcast: The Fog of Cyber War

Cisco’s CISO of the Month – Esmond Kane

Stay Connected