Security Affairs

MAY 27, 2021

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

VPN 137

VPN Government Hacking Accountability 137

Security Affairs

MAY 4, 2025

“The ransomware either encrypted data from victims computer networks or claimed to take that data from the networks. Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents.

Ransomware 115

Ransomware Encryption VPN Cryptocurrency 115

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. RAPIDPULSE can serve as an encrypted file downloader for the attacker. and Europe.”

VPN 142

VPN Government Malware Hacking 142

Security Affairs

FEBRUARY 17, 2020

Tutanota , the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening. ” states Tutanota. We condemn the blocking of Tutanota. Pierluigi Paganini.

Encryption 115

Encryption VPN Government Internet 115

Security Affairs

NOVEMBER 13, 2024

Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. It intercepts credentials by hooking into Versa’s “setUserPassword” method, encrypting and storing them on disk.

VPN 124

VPN Government Malware Manufacturing 124

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN 142

VPN Firewall Accountability Cybersecurity 142

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The group used a variety of attack methods, including malspam campaigns, vulnerable RDP servers, and compromised VPN credentials. ” reads the post published by Microsoft.

Encryption 139

Encryption Ransomware Cybercrime Malware 139

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes.

VPN 112

VPN Hacking IoT Advertising 112

Daniel Miessler

SEPTEMBER 27, 2020

Example 2: Using a VPN. A lot of people are confused about VPNs. They think it’s giving them security that it isn’t because they haven’t properly understood the tech and haven’t considered the attack scenarios. If you log in at the end website you’ve identified yourself to them, regardless of VPN.

VPN 326

VPN Risk Hacking Encryption 326

Security Affairs

MARCH 24, 2025

A cyberattack on the Virginia Attorney Generals Office forced officials to shut down IT systems, including email and VPN, and revert to paper filings. The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency. .

Ransomware 104

Ransomware Hacking Social Engineering Manufacturing 104

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. Europol said. Pierluigi Paganini.

VPN 110

VPN Cybercrime Ransomware Advertising 110

Security Affairs

AUGUST 22, 2023

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The group now is targeting Cisco VPN products to gain initial access to corporate networks. Sophos researchers observed in May the threat actor using compromised Cisco VPN accounts to breach target networks.

VPN 98

VPN Ransomware Hacking Education 98

Security Affairs

DECEMBER 5, 2019

Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel. The experts explained that in this way, it is possible to hijack active connections within the VPN tunnel. ” reads the advisory published by the experts.

VPN 98

VPN Encryption Advertising Authentication 98

Malwarebytes

JANUARY 4, 2023

Synology has issued an advisory about a vulnerability that allows remote attackers to execute arbitrary commands through a susceptible version of Synology VPN Plus Server. VPN Plus Server. VPN Plus Server allows users to turn their Synology Router into a Virtual Rrivate Network (VPN) server. 0534 and 1.4.4-0635

VPN 98

VPN Internet Internet Encryption 98

Security Affairs

FEBRUARY 21, 2022

Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data without knowing the private key used by the gang to encrypt files.

Encryption 98

Encryption Ransomware VPN Malware 98

Security Affairs

MARCH 14, 2025

“When the firewall had VPN capabilities, the threat actor created local VPN user accounts with names resembling legitimate accounts but with an added digit at the end. These newly created users were then added to the VPN user group, enabling future logins.” ” reads the report. SuperBlack modifies LockBit 3.0s

Firewall 67

Firewall Ransomware VPN Encryption 67

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 353

Cybercrime Malware Ransomware Penetration Testing 353

Security Affairs

FEBRUARY 12, 2024

Public Wi-Fi users are prime targets for MITM attacks because the information they send is often not encrypted, meaning it’s easy for hackers to access your data. Look for the “https” in the website’s URL—it means there’s some level of encryption.

DNS 144

DNS VPN Encryption Passwords 144

Security Affairs

JUNE 30, 2021

Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious purposes. The VPN service was offered for a starting price of €22 ($25). . “On 29th of June 2021, law enforcement took down DoubleVPN.

VPN 142

VPN Cybercrime Encryption Advertising 142

Security Affairs

SEPTEMBER 28, 2023

Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE. ” reads the advisory published by the IT giant.

VPN 135

VPN Software Encryption Authentication 135

Security Affairs

FEBRUARY 12, 2024

The issue was discovered by Attila Tomaschek, a VPN expert and staff writer at the tech publication CNET. Tomaschek noticed that DNS requests on his Windows machine weren’t being directed to ExpressVPN’s dedicated servers when he had activated the split tunneling feature, which is used to limit which apps send their traffic through the VPN.

DNS 138

DNS VPN Encryption Internet 138

Krebs on Security

JULY 25, 2023

.” Lumen’s research team said the purpose of AVrecon appears to be stealing bandwidth – without impacting end-users – in order to create a residential proxy service to help launder malicious activity and avoid attracting the same level of attention from Tor-hidden services or commercially available VPN services. com, sscompany[.]net,

Malware 244

Malware VPN Internet Internet 244

Security Affairs

NOVEMBER 24, 2024

Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware 64

Malware Spyware Antivirus VPN 64

Zero Day

JUNE 6, 2025

Based on an analysis by cybersecurity news platform Hackread , the data contains dates of birth, phone numbers, email addresses, street addresses, and even social security numbers. The hackers say that the dates of birth and social security numbers were originally encrypted but have since been decrypted and are now visible in plain text.

Password Management 128

Password Management Passwords Software Artificial Intelligence 128

Security Affairs

MARCH 24, 2021

Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents. It does indeed encrypt files. pic.twitter.com/POYlPYGjsz — MalwareTech (@MalwareTechBlog) March 21, 2021.

Ransomware 145

Ransomware Encryption VPN Malware 145

Security Affairs

DECEMBER 6, 2020

The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files. LockBit ransomware operators told ZDNet that they have accessed the network of the helicopter maker via a VPN appliance that was poorly protected. ” reported ZDNet.

Ransomware 136

Ransomware VPN Encryption Authentication 136

Security Affairs

JUNE 6, 2025

The group typically employs “double extortion,” stealing and encrypting victims’ data, then threatening to expose it unless a ransom is paid. in FortiOS SSL VPN was actively exploited in attacks in the wild. Despite the regional focus, the group appears to choose victims opportunistically rather than by region or sector.

Ransomware 78

Ransomware Authentication Healthcare Firewall 78

The Last Watchdog

OCTOBER 24, 2022

Use a corporate VPN. Encrypting data on corporate devices can prevent hackers from accessing sensitive information. The best way to protect data in this way is to set up a corporate VPN (a virtual private network). VPNs allow employees to connect to the internet securely while hiding the company’s IP address.

Security Awareness 214

Security Awareness Passwords Data breaches Cybersecurity 214

Security Affairs

DECEMBER 4, 2024

Enhancing secure logging, isolating device management, and enforcing strict access control lists (ACLs) are key strategies. Strong segmentation with firewalls and DMZs, securing VPN gateways, and ensuring encrypted traffic with TLS v1.3 are essential for protecting data.

Telecommunications 114

Telecommunications Government Mobile Cyber threats 114

Security Affairs

SEPTEMBER 22, 2024

The group targets Russian entities, it encrypts victims’ data without demanding a ransom and then destroy their infrastructure with a wiper to destroy its operations. The threat actor gains initial access by abusing valid local or domain accounts, VPN or SSH certificates. ” concludes the report.

VPN 133

VPN Encryption Hacking Accountability 133

Security Affairs

AUGUST 29, 2021

. “Multiple vulnerabilities allow remote attackers to conduct denial-of-service attack or possibly execute arbitrary code via a susceptible version of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), VPN Plus Server or VPN Server.” ” reads the advisory published by the company.

VPN 136

VPN Encryption Authentication Hacking 136

Security Affairs

APRIL 8, 2022

Not all providers are created equal, and it’s important to do your research to find one that will meet your specific needs and security requirements. Data encryption. In the cloud era, data encryption is more important than ever. It is also important to make sure that your data is encrypted both in motion and at rest.

Cybersecurity 132

Cybersecurity Passwords Penetration Testing Encryption 132

Krebs on Security

APRIL 20, 2023

Mandiant found the earliest evidence of compromise uncovered within 3CX’s network was through the VPN using the employee’s corporate credentials, two days after the employee’s personal computer was compromised.

Malware 331

Malware Software Technology Accountability 331

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware 145

Ransomware Encryption Passwords Malware 145

Security Affairs

OCTOBER 26, 2019

Even though encryption should be taken seriously by businesses of all sizes, only a small fraction of the corporate sector puts their back on it. Why is Encryption a Feasible Option against Digital Threats? Encryption plays an integral role in securing the online data as well as its integrity. Final Thoughts.

Encryption 71

Encryption Ransomware Cybercrime Cyber threats 71

Security Affairs

APRIL 21, 2024

The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it. Earlier versions of the ransomware were written in C++ and the malware added the.akira extension to the encrypted files. “Akira threat actors utilize a sophisticated hybrid encryption scheme to lock data.

Ransomware 141

Ransomware Encryption Antivirus Architecture 141

Security Affairs

FEBRUARY 12, 2024

Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code of the Rhysida ransomware. Rhysida ransomware employed a secure random number generator to generate the encryption key and subsequently encrypt the data.

Ransomware 132

Ransomware Encryption Manufacturing Healthcare 132