Security Affairs

FEBRUARY 16, 2020

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world. Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. SecurityAffairs – Fox Kitten campaign, VPN ). Pierluigi Paganini.

VPN 117

VPN Telecommunications Advertising Hacking 117

SecureList

JUNE 2, 2022

It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors.

Malware 113

Malware Encryption Social Engineering Telecommunications 113

Security Affairs

MARCH 23, 2022

Yesterday the cybercrime gang leaked 37GB of source code stolen from Microsoft’s Azure DevOps server. virtual private network (VPN), remote desktop protocol (RDP), virtual desktop infrastructure (VDI) including Citrix, or Identity providers (including Azure Active Directory, Okta)). ” continues the analysis.

Accountability 100

Accountability VPN Social Engineering Hacking 100

SecureList

DECEMBER 14, 2022

According to the same article, another such attack took place in the late 1990s when the American military attacked a Serbian telecommunications network. This operation included blowing up cellphone towers and communication grids as well as jamming and cyberattacks against Iraq’s telephone networks.

DDOS 131

DDOS Ransomware Government Energy and Utilities 131

SecureList

MAY 12, 2021

Hackers who are on the lookout for publicly disclosed vulnerabilities (1-days) in internet facing software, such as VPN appliances or email gateways. There is, of course, a documented porosity between the ransomware ecosystem and other cybercrime domains such as carding or point-of-sale (PoS) hacking. Access sellers.

Ransomware 123

Ransomware Encryption Malware Cybercrime 123

SecureList

MAY 10, 2021

To prevent attacks via RDP, it is recommended to hide RDP servers behind a VPN or disable UDP port 3389. That said, a VPN is no panacea if it too is vulnerable to amplification attacks. In Q1 2021, for instance, attackers went after Powerhouse VPN servers.

DDOS 96

DDOS Cryptocurrency Media Marketing 96

SecureList

APRIL 27, 2021

The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). The victims we observed were all high-profile Tunisian organizations, such as telecommunications or aviation companies. We attribute this activity to APT10 with high confidence.

Malware 139

Malware Spyware Government Social Engineering 139

Security Affairs

NOVEMBER 25, 2020

In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. The past year — a harrowing period for the world economy — culminated in the spike of cybercrime. The most severe financial damage has occurred as a result of ransomware activity.

Banking 129

Banking Ransomware Phishing Marketing 129

SecureList

NOVEMBER 14, 2022

From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies. One of the major cyber-incidents of 2022 took place early this year: the Okta hack.

Firmware 106

Firmware Surveillance Mobile Telecommunications 106