Security Affairs

SEPTEMBER 29, 2021

CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions.

VPN 119

VPN Government Firmware Authentication 119

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. Researchers from cybersecurity firm Synacktiv published a technical analysis of a Rust malware, named KrustyLoader, that was delivered by threat actors exploiting the above vulnerabilities.

VPN 85

VPN Malware Authentication Small Business 85

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. Patch 2 VPN ZLD V4.30

Firewall 91

Firewall VPN Authentication Hacking 91

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. and Europe.” ” reads the report published by FireEye.

VPN 127

VPN Government Malware Hacking 127

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Hacking 115

Hacking Ransomware Manufacturing Healthcare 115

Security Affairs

NOVEMBER 27, 2020

The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. SecurityAffairs – hacking, malware).

VPN 136

VPN Banking Passwords Malware 136

Security Affairs

JANUARY 19, 2024

Kansas State University (K-State) suffered a cybersecurity incident that has disrupted part of its network and services. Kansas State University (K-State) suffered a cybersecurity incident that impacted a portion of its network and services. At this time, K-State has yet to provide details about the security breach.

Cybersecurity 100

Cybersecurity Wireless VPN Hacking 100

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. Last week, FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks. VPNs, RDPs) to gain initial access to the target network and maintain persistence.

Ransomware 112

Ransomware Hacking Engineering Manufacturing 112

Security Affairs

AUGUST 10, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. “Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account. SecurityAffairs – hacking, Yanluowang ransomware). Pierluigi Paganini.

Ransomware 122

Ransomware Hacking VPN Phishing 122

Security Affairs

FEBRUARY 1, 2024

Mandiant researchers recently discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, IVANTI )

VPN 95

VPN Authentication Software Malware 95

Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions. Pierluigi Paganini.

VPN 104

VPN Firewall Firmware Authentication 104

Security Affairs

JANUARY 12, 2023

Recently patched Fortinet FortiOS SSL-VPN zero-day exploited in attacks against government organizations and government-related targets. Fortinet researchers reported how threat actors exploited the recently patched FortiOS SSL-VPN vulnerability ( CVE-2022-42475 ) in attacks against government organizations and government-related targets.

VPN 84

VPN Malware Engineering Government 84

Security Affairs

MAY 2, 2022

In this ongoing war, some types of data storage are more prone to hacking because of the need to access, process, and analyze data quickly. Opportunistic employees in sensitive positions can abuse network privileges to obtain sensitive information, use weak passwords, or accidentally respond to phishing. Secure Your Network with a VPN.

IoT 122

IoT Cybersecurity VPN Internet 122

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. SecurityAffairs – hacking, Zerologon). The post APT groups chain VPN and Windows Zerologon bugs to attack US government networks appeared first on Security Affairs.

VPN 136

VPN Government Authentication Advertising 136

Security Affairs

JUNE 19, 2021

North Korea-linked APT group Kimsuky allegedly breached South Korea’s atomic research agency KAERI by exploiting a VPN vulnerability. A KAERI spokesperson revealed that threat actors exploited a vulnerability in a virtual private network (VPN) server to gain access to the network of the institute. ” reported the Reuters.

Hacking 139

Hacking VPN Internet Internet 139

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “In A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 100

VPN Government Authentication Cybersecurity 100

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN 90

VPN Ransomware Antivirus Firmware 90

Security Affairs

SEPTEMBER 2, 2022

Researchers discovered that the infrastructure used in Cisco hack was the same used to target a Workforce Management Solution firm. Researchers from cybersecurity firm eSentire discovered that the attack infrastructure used in recent Cisco hack was also used to attack a top Workforce Management corporation in in April 2022.

Hacking 92

Hacking VPN Ransomware Authentication 92

Security Affairs

MAY 25, 2021

A flaw in Pulse Connect Secure VPN could allow an authenticated remote attacker to execute arbitrary code with elevated privileges. Ivanti addressed a high severity Buffer Overflow vulnerability in Secure VPN appliances that could allow a remote authenticated attacker to execute arbitrary code with elevated privileges.

VPN 95

VPN Authentication Hacking Software 95

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. VPNs, RDPs) to gain initial access to the target network and maintain persistence.

Ransomware 104

Ransomware Hacking Manufacturing Healthcare 104

Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Experts also spotted a tainted version of the Psiphon tool, an open-source VPN software used to evade internet censorship. SecurityAffairs – hacking, ransomware).

VPN 117

VPN Internet Internet Software 117

Security Affairs

MAY 30, 2024

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Spark Appliances. Impacted versions are R80.20.x, x, and R81.20.

VPN 106

VPN Firewall Hacking Risk 106

Security Affairs

MARCH 9, 2024

in FortiOS SSL VPN was actively exploited in attacks in the wild. The security firm did not provide details about the attacks exploiting this vulnerability. The vendor recommends to disable SSL VPN as a workaround. “A Workaround : disable SSL VPN (disable webmode is NOT a valid workaround). reads the advisory.

Internet 132

Internet Internet VPN Engineering 132

Security Affairs

NOVEMBER 11, 2021

Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. The cybersecurity vendor warns that the vulnerability is easily exploitable by an unauthenticated network-based attacker. SecurityAffairs – hacking, GlobalProtect VPN ). Pierluigi Paganini.

VPN 97

VPN Firewall Internet Internet 97

Security Affairs

FEBRUARY 16, 2024

Cybersecurity and Infrastructure Security Agency (CISA) revealed that a threat actor gained access to an unnamed state government organization’s network environment via an administrator account belonging to a former employee. ” reads the report published by CISA. CISA did not attribute the attack to a specific threat actor.

Government 124

Government VPN Accountability Authentication 124

Security Affairs

NOVEMBER 29, 2022

The cybersecurity firm addressed the flaw with the release of FortiOS/FortiProxy versions 7.0.7 The company also provides a workaround for those who can’t immediately deploy security updates. The sensitive system information, system configurations, and network details might be further distributed over the darkweb.

VPN 98

VPN Firewall Authentication Internet 98

Security Affairs

FEBRUARY 10, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiOS Out-of-Bound write vulnerability, tracked as CVE-2024-21762 , to its Known Exploited Vulnerabilities (KEV) catalog.

VPN 106

VPN Hacking Cybersecurity Risk 106

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 103

Ransomware Backups VPN Authentication 103

Security Affairs

JANUARY 10, 2020

The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The CVE-2019-11510 flaw in Pulse Connect Secure is a critical arbitrary file read vulnerability. SecurityAffairs – Pulse Secure VPN , hacking). Pierluigi Paganini.

VPN 67

VPN InfoSec Advertising Cybersecurity 67

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Notably, the actors are looking to buy remote VPN access and asking potential insiders to contact them privately via Telegram, they then reward them by paying for the access granted. Pierluigi Paganini.

Hacking 89

Hacking Telecommunications InfoSec Cybercrime 89

Security Affairs

APRIL 8, 2022

Which are the most important cybersecurity measures that businesses can take to protect themselves in the cloud era? This ubiquity has led to increased concerns about data security, as more and more sensitive information is stored online. In this article, we will discuss 15 of the most important cybersecurity measures.

Cybersecurity 93

Cybersecurity Passwords Penetration Testing Encryption 93

Security Affairs

AUGUST 25, 2019

BadPackets experts observed on August 22 a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.

VPN 92

VPN Advertising Hacking Government 92

Security Affairs

NOVEMBER 11, 2022

An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram. A threat actor ( 0x_dump ) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online. SecurityAffairs – hacking, Deutsche Bank).

Banking 88

Banking Hacking InfoSec Insurance 88

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 100

VPN Cybercrime Ransomware Hacking 100

Security Affairs

APRIL 24, 2023

“With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” ” concludes the report.

Hacking 87

Hacking VPN Marketing Authentication 87

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 80

Ransomware Backups VPN Authentication 80

Security Affairs

FEBRUARY 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. The vulnerability CVE-2020-3259 is an information disclosure issue that resides in the web services interface of ASA and FTD. This week the U.S.

Ransomware 123

Ransomware VPN Education Hacking 123