Security Affairs

NOVEMBER 22, 2020

A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs. A threat actor, who goes online with the moniker “pumpedkicks,” has leaked online a list of exploits that could be exploited to steal VPN credentials from almost 50,000 Fortinet VPN devices. Researchers from Bank Security first reported the availability of the list of 49,577 IPs vulnerable to Fortinet SSL VPN CVE-2018-13379.

VPN 136

VPN Banking Government Hacking 136

Adam Shostack

NOVEMBER 22, 2020

I’ve signed onto a letter to the European Commission on end to end encrypted communications.

Encryption 100

Encryption Engineering Software 100

Security Affairs

NOVEMBER 22, 2020

Two Romanians arrested for running three malware services. Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. Romanian police forces have arrested this week two individuals suspected of running two malware crypter services called CyberSeal and DataProtector, and a malware testing service called CyberScan.

Malware 129

Malware Antivirus Cybercrime Software 129

WIRED Threat Level

NOVEMBER 22, 2020

For now, the security measure will be available only to people using the beta version of the app.

Encryption 103

Encryption 103

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Affairs

NOVEMBER 22, 2020

Officials confirm that the city of Saint John was hit by a massive cyberattack that has crippled the entire IT municipal infrastructure. The city of Saint John, Canada, was hit by a massive cyberattack that has crippled the entire IT municipal infrastructure, the incident was publicly disclosed on November 15. The cyberattack caused the shut down of the entire municipal network, including the city website, online payment systems, email and customer service applications.

Ransomware 105

Ransomware Cyber Attacks Cybercrime Media 105

Troy Hunt

NOVEMBER 22, 2020

With the benefit of hindsight, this was a naïve question: Alright clever IoT folks, I've got two of these garage door openers, what do you reckon the best way of connecting them with Apple HomeKit is? [link] — Troy Hunt (@troyhunt) April 25, 2020 In my mind, the answer would be simple: "Just buy X, plug it in and you're good to go". Instead, I found myself heading down the rabbit hole into a world of soldering, custom firmware and community-driven home automation kits.

IoT 362

IoT Firmware Manufacturing Internet 362

Security Affairs

NOVEMBER 22, 2020

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Chilean-based retail giant Cencosud hit by Egregor Ransomware ShinyHunters hacked Pluto TV service, 3.2M accounts exposed The North Face website suffered a credential stuffing attack Crooks use software skimmer that pretends to be a security firm Lazarus malware delivered to South Korean users via supply chain attacks New Jupyter information st

Cyber Attacks 76

Cyber Attacks Retail Ransomware Phishing 76