Encryption, Information and VPN - Cyber Security Informer

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN

VPN Authentication Ransomware Risk

Do you actually need a VPN? Your guide to staying safe online!

Webroot

NOVEMBER 21, 2024

So maybe you’ve heard of VPNs but aren’t actually sure what they are. Simply put, a VPN creates a safe, anonymous pathway for the data you send and receive over a Wi-Fi network, allowing you to browse anonymously and access content as if you were in a different location. Do you really need a VPN for personal use? Why use a VPN?

VPN

VPN Antivirus Internet Internet

Fog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766

Security Affairs

OCTOBER 29, 2024

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access. ” reads the advisory.

VPN

VPN Ransomware Firewall Internet

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection. Iranian hackers recently have been blamed for hacking VPN servers around the world in a bid to plant backdoors in large corporate networks.

VPN

VPN Passwords Software Telecommunications

Adventures in Contacting the Russian FSB

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus

Antivirus VPN Encryption Malware

NailaoLocker ransomware targets EU healthcare-related entities

Security Affairs

FEBRUARY 20, 2025

The Orange Cyberdefense CERT investigated four attackers with a similar initial access vector consisting of thecompromise of a Check Point VPN appliance. The experts believe threat actors exploited the zero-dayCVE-2024-24919 in Check Point Security Gateways with Remote Access VPN or Mobile Access features. The ransomware appends the .

Healthcare

Healthcare Ransomware VPN Malware

Around 3.3 million POP3 and IMAP mail servers lack TLS encryption

Security Affairs

JANUARY 3, 2025

Over 3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. ShadowServer researchers reported that around 3.3 We see around 3.3M

Encryption

Encryption Passwords Internet Internet

Veeam Backup & Replication exploit reused in new Frag ransomware attack

Security Affairs

NOVEMBER 9, 2024

Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. In each of the cases, attackers initially accessed targets using compromised VPN gateways without multifactor authentication enabled. Some of these VPNs were running unsupported software versions.”

Backups

Backups Ransomware VPN Accountability

9 Reasons Why Everyone Should Use a VPN

CyberSecurity Insiders

AUGUST 6, 2021

Most VPNs are user-friendly and are created with well-detailed guides which are navigable by nearly anyone, even a technology illiterate individual. Therefore, aside from ensuring your network is secured, a VPN is usually very easy to maneuver around, and unlike what most people assume, VPNs are not meant for tech-savvy individuals alone.

VPN

VPN Internet Internet Mobile

How Does a VPN Work? A Comprehensive Beginner’s Overview

eSecurity Planet

AUGUST 27, 2024

A virtual private network (VPN) does more than just mask your identity—it fundamentally changes how your data moves across the internet. But what’s really going on under the hood when you browse the web using a VPN? This encrypted data is nearly impossible to intercept and read without the appropriate decryption key.

VPN

VPN Encryption Internet Internet

J-magic malware campaign targets Juniper routers

Security Affairs

JANUARY 24, 2025

Lumen’s telemetry shows that roughly 50% of the targeted enterprise devices are configured as a virtual private network (VPN) gateway. The reverse shell issued a challenge by sending an encrypted string using a hard-coded certificate. An attacker can compromise these systems to gain remote access to the organizations.

Malware

Malware VPN Encryption Hacking

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Security Affairs

MARCH 10, 2025

The group typically employs double extortion, stealing and encrypting victims data, then threatening to expose it unless a ransom is paid. The attackers breached the organization via compromised credentials for a VPN portal that lacked multi-factor authentication (MFA).

Ransomware

Ransomware Healthcare VPN Malware

New TunnelVision technique can bypass the VPN encapsulation

Security Affairs

MAY 8, 2024

TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack technique, dubbed TunnelVision, to bypass VPN encapsulation. The researchers referred to this result as “decloaking.”

VPN

VPN Firewall Marketing Encryption

China-linked APT groups targets orgs via Pulse Secure VPN devices

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information.

VPN

VPN Government Hacking Malware

8 security tips for small businesses

Malwarebytes

NOVEMBER 6, 2024

Very important files and documents can be encrypted or stored in password protected folders to keep them safe from prying eyes. A stolen or lost device is stressful enough without having to worry about confidential information. Know what legal body you need to inform in case of a breach. Both can be used to protect your network.

Small Business

Small Business Backups Firewall VPN

How to recover files encrypted by Yanlouwang

SecureList

APRIL 18, 2022

Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. This is necessary to make files used by other programs available for encryption. The encryption code for big files. Yanluowang description.

Encryption

Encryption Ransomware Backups VPN

How to recover files encrypted by Yanluowang

SecureList

APRIL 18, 2022

Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. This is necessary to make files used by other programs available for encryption. The encryption code for big files. Yanluowang description.

Encryption

Encryption Ransomware Backups VPN

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

VPN

VPN Government Hacking Accountability

US authorities have indicted Black Kingdom ransomware admin

Security Affairs

MAY 4, 2025

“The ransomware either encrypted data from victims computer networks or claimed to take that data from the networks. Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents.

Ransomware

Ransomware Encryption VPN Cryptocurrency

Secure Your Online Privacy: How to Choose the Best VPN in 2023

CyberSecurity Insiders

MARCH 21, 2023

VPNs allow users to access the internet securely and privately by encrypting their internet traffic and hiding their IP addresses. However, with so many VPN providers available, it can be challenging to choose the best VPN for your needs. The first step in choosing the best VPN is to determine your needs.

VPN

VPN Internet Internet Encryption

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. It intercepts credentials by hooking into Versa’s “setUserPassword” method, encrypting and storing them on disk.

VPN

VPN Government Malware Manufacturing

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

A cyberattack on the Virginia Attorney Generals Office forced officials to shut down IT systems, including email and VPN, and revert to paper filings. The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency.

Ransomware

Ransomware Hacking Social Engineering Manufacturing

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN

VPN Firewall Accountability Cybersecurity

Encryption: How It Works, Types, and the Quantum Future

eSecurity Planet

MAY 25, 2022

Encryption and the development of cryptography have been a cornerstone of IT security for decades and remain critical for data protection against evolving threats. While cryptology is thousands of years old, modern cryptography took off in the 1970s with the help of the Diffie-Hellman-Merkle and RSA encryption algorithms.

Encryption

Encryption Computers and Electronics Password Management Passwords

How Can You Keep Your Personal Information Safe?

CyberSecurity Insiders

OCTOBER 29, 2021

This is the most crucial step to keep your personal information safe. Unfortunately, you can’t get your personal information removed from the dark web, but you can be proactive in protecting it from theft once you know what information has become vulnerable. The Dark Web Uses Encryption to Hide Locations.

Passwords

Passwords Advertising Accountability Data breaches

News Alert: i2Coalition launches ‘VPN Trust Initiative’ to promote VPN operators’ best practices

The Last Watchdog

SEPTEMBER 26, 2023

26, 2023 — The Internet Infrastructure Coalition (i2Coalition) launched the VPN Trust Initiative (VTI) in 2020 to establish a baseline for how virtual private network (VPN) providers should operate. Advertising Practices: Given the complexity and different use cases for VPNs, claims must not mislead.

VPN

VPN Internet Internet Technology

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” To wit: “There is huge insider information on the companies which we target, including information if there are tape drives and clouds (for example, Datto that is built to last, etc.),

Cybercrime

Cybercrime Malware Ransomware VPN

New Hive ransomware variant is written in Rust and use improved encryption method

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The group used a variety of attack methods, including malspam campaigns, vulnerable RDP servers, and compromised VPN credentials. ” reads the post published by Microsoft.

Encryption

Encryption Ransomware Cybercrime Malware

Types of Encryption, Methods & Use Cases

eSecurity Planet

DECEMBER 7, 2023

Encryption scrambles data to make it unreadable to those without decryption keys. Proper use of encryption preserves secrecy and radically lowers the potential damage of a successful cybersecurity attack. Encryption algorithm types will provide an overview of the mathematical algorithms used to encrypt data (AES, RSA, etc.),

Encryption

Encryption Authentication Passwords Password Management

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

The Last Watchdog

MARCH 6, 2021

Remote workers face having both their personal and work-related information compromised. Many people use a virtual private network (VPN) to bypass geographic restrictions on streaming sites or other location-specific content. Since a VPN tunnels traffic through a server in a location of your choosing. Set up firewalls.

VPN

VPN Firewall Antivirus Passwords

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Security Affairs

AUGUST 22, 2023

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The group now is targeting Cisco VPN products to gain initial access to corporate networks. Sophos researchers observed in May the threat actor using compromised Cisco VPN accounts to breach target networks.

VPN

VPN Ransomware Hacking Education

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data? How Does Encryption Process Data?

Encryption

Encryption Passwords IoT Firewall

Everyday Threat Modeling

Daniel Miessler

SEPTEMBER 27, 2020

Example 2: Using a VPN. A lot of people are confused about VPNs. If you log in at the end website you’ve identified yourself to them, regardless of VPN. VPNs encrypt the traffic between you and some endpoint on the internet, which is where your VPN is based. This is true. So, probably not a win.

VPN

VPN Risk Hacking Encryption

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

Strong segmentation with firewalls and DMZs, securing VPN gateways, and ensuring encrypted traffic with TLS v1.3 The cyber spies stole information belonging to targeted individuals that was subject to U.S. Enhancing secure logging, isolating device management, and enforcing strict access control lists (ACLs) are key strategies.

Telecommunications

Telecommunications Government Mobile Cyber threats

Credit Reporting Companies Put Customer Data at Risk

Adam Levin

MAY 19, 2021

Demirkapi believes this loophole may indicate cause for more general concern about the way Experian protects consumer information. The perpetrators were quickly apprehended before they could leverage the information. The information included driver’s licenses , credit card , and Social Security numbers.

Risk

Risk Identity Theft Data breaches VPN

Police seize DoubleVPN data, servers, and domain

Malwarebytes

JUNE 30, 2021

A coordinated effort between global law enforcement agencies—led by the Dutch National Police—shut down a VPN service that was advertised on cybercrime forums. The VPN company promised users the ability to double- and triple-encrypt their web traffic to obscure their location and identity. One of those options is DoubleVPN.

VPN

VPN Cybercrime Encryption Advertising

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Security Affairs

MAY 24, 2024

Introduction to TLS and Certificate Transparency Log Securing Internet communications is crucial for maintaining the confidentiality and integrity of information in transit. 509 [2] certificates) and encrypted, authenticated connections (TLS [3] and its precursor, SSL [4] ). For instance, suppose firewall manufacturer ACME Inc.

DNS

DNS Manufacturing Firewall Internet

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

The message included a “Google Support Case ID number” and information about the Google representative supposedly talking to him on the phone, stating the rep’s name as “Ashton” — the same name given by the caller. And to his everlasting regret, Tony clicked the “Yes, it’s me” button.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

Security Affairs

FEBRUARY 12, 2024

Public Wi-Fi users are prime targets for MITM attacks because the information they send is often not encrypted, meaning it’s easy for hackers to access your data. Look for the “https” in the website’s URL—it means there’s some level of encryption.

DNS

DNS VPN Encryption Passwords

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks

Security Affairs

MARCH 14, 2025

“When the firewall had VPN capabilities, the threat actor created local VPN user accounts with names resembling legitimate accounts but with an added digit at the end. These newly created users were then added to the VPN user group, enabling future logins.” ” reads the report. SuperBlack modifies LockBit 3.0s

Firewall

Firewall Ransomware VPN Encryption

Is your whole digital life protected? 4 ways to address common vulnerabilities

Webroot

FEBRUARY 21, 2025

Then think about all the content that you share on these devices every day; much of it likely contains sensitive or critical information that, in the wrong hands, could lead to serious damage with long-lasting impact. Protect your privacy in your online activities Sharing information has become commonplace in our digital lives.

Identity Theft

Identity Theft Backups Antivirus Encryption

Does Your Organization Have a Security.txt File?

Krebs on Security

SEPTEMBER 20, 2021

What’s in the security.txt file varies somewhat, but most include links to information about the entity’s vulnerability disclosure policies and a contact email address. There may be another good reason for consolidating security contact and vulnerability reporting information in one, predictable place.

Retail

Retail Healthcare Internet Internet

New Linux Malware Surges, Surpassing Android

eSecurity Planet

AUGUST 2, 2022

The Atlas VPN report said the number of new Linux malware samples collected soared by 646% from the first half of 2021 to the first half of 2022, from 226,334 samples to nearly 1.7 The Atlas VPN team used AV-ATLAS, a threat intelligence platform from AV-TEST Gmb, for its report. million malware samples in the first half of 2022.

Malware

Malware VPN Encryption Marketing

Russian-based DoubleVPN seized by law enforcement

Security Affairs

JUNE 30, 2021

Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious purposes. The VPN service was offered for a starting price of €22 ($25). . “On 29th of June 2021, law enforcement took down DoubleVPN.

VPN

VPN Cybercrime Encryption Advertising

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Do you actually need a VPN? Your guide to staying safe online!

Trending Sources

Fog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766

Hackers Were Inside Citrix for Five Months

Adventures in Contacting the Russian FSB

NailaoLocker ransomware targets EU healthcare-related entities

Around 3.3 million POP3 and IMAP mail servers lack TLS encryption

Veeam Backup & Replication exploit reused in new Frag ransomware attack

9 Reasons Why Everyone Should Use a VPN

How Does a VPN Work? A Comprehensive Beginner’s Overview

J-magic malware campaign targets Juniper routers

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

New TunnelVision technique can bypass the VPN encapsulation

China-linked APT groups targets orgs via Pulse Secure VPN devices

8 security tips for small businesses

How to recover files encrypted by Yanlouwang

How to recover files encrypted by Yanluowang

APT hacked a US municipal government via an unpatched Fortinet VPN

US authorities have indicted Black Kingdom ransomware admin

Secure Your Online Privacy: How to Choose the Best VPN in 2023

China’s Volt Typhoon botnet has re-emerged

Cloak ransomware group hacked the Virginia Attorney General’s Office

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Encryption: How It Works, Types, and the Quantum Future

How Can You Keep Your Personal Information Safe?

News Alert: i2Coalition launches ‘VPN Trust Initiative’ to promote VPN operators’ best practices

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

New Hive ransomware variant is written in Rust and use improved encryption method

Types of Encryption, Methods & Use Cases

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

What Is Encryption? Definition, How it Works, & Examples

Everyday Threat Modeling

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Credit Reporting Companies Put Customer Data at Risk

Police seize DoubleVPN data, servers, and domain

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

How to Lose a Fortune with Just One Bad Click

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks

Is your whole digital life protected? 4 ways to address common vulnerabilities

Does Your Organization Have a Security.txt File?

New Linux Malware Surges, Surpassing Android

Russian-based DoubleVPN seized by law enforcement

Stay Connected