Government, Hacking, Internet and VPN - Cyber Security Informer

Russian internet watchdog Roskomnadzor bans six more VPN services

Security Affairs

DECEMBER 2, 2021

Russia’s internet watchdog, ‘Roskomnadzor’, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia. Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six more VPN services. SecurityAffairs – hacking, VPN services).

VPN

VPN Internet Internet Media

U.S. CISA: hackers breached a state government organization

Security Affairs

FEBRUARY 16, 2024

CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The government experts conducted an incident response assessment of the state government organization after its documents were posted on the dark web.

Government

Government VPN Accountability Authentication

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Security Affairs

APRIL 6, 2020

DarkHotel nation-state actor is exploiting a VPN zero -day to breach Chinese government agencies in Beijing and Shanghai. Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai.

VPN

VPN Government Advertising Firmware

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. The statement reveals that one of the two hacking groups was a China-linked cyber espionage group. ” reads the report published by FireEye. ” continues the report.

VPN

VPN Hacking Authentication Government

5 common VPN myths busted

Malwarebytes

MARCH 11, 2021

Virtual Private Networks ( VPN s) are popular but often misunderstood. VPNs are for illegal activity. Some people think that VPNs are only useful for doing things like torrenting, accessing geo-locked content, or getting around work/school/government firewalls. I don’t need a mobile VPN.

VPN

VPN Encryption Mobile Surveillance

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN

VPN Firewall Accountability Cybersecurity

Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

Security Affairs

JANUARY 20, 2023

An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day. firewalls, IPSIDS appliances etc.).

VPN

VPN Firewall Internet Internet

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN

VPN Passwords Banking Advertising

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

Security Affairs

JUNE 19, 2021

North Korea-linked APT group Kimsuky allegedly breached South Korea’s atomic research agency KAERI by exploiting a VPN vulnerability. The security breach took place on on May 14, and the institute discovered it only on May 31, then the research institute reported the incident to the government and launched an investigation.

Hacking

Hacking VPN Internet Internet

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. “This is reachable pre-authentication, on every SSL VPN appliance,” French vulnerability researcher Charles Fol tweeted.

Risk

Risk VPN Internet Internet

Social media partially disrupted in Cuba amid anti-government protests

Security Affairs

JULY 13, 2021

NetBlocks reported partial disruption to social media and messaging platforms in Cuba from 12 July 2021 shortly after Cubans went to the streets to protest the government. VPN services have yet to be blocked in the country, allowing citizens to bypass internet censorship. SecurityAffairs – hacking, Cuba).

Media

Media Government Internet Internet

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. THE INTERNET NEVER FORGETS.

VPN

VPN Computers and Electronics Antivirus Software

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN

VPN Cybercrime Ransomware Hacking

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Hacking

Hacking VPN Advertising Financial Services

MY TAKE: How consumer-grade VPNs are enabling individuals to do DIY security

The Last Watchdog

APRIL 26, 2021

As part of this mindset, more consumers are subscribing to a personal VPN service which they use to shield themselves from disinformation sweeps and to protect themselves from Covid 19-related hacks and scams. I’ve since discovered that there’s a heck of a lot going on in the B2C VPN space. percent ten years ago.

B2C

B2C VPN Marketing Antivirus

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

Hacker groups support protestors in Iran using Telegram, Signal and Darkweb

Security Affairs

SEPTEMBER 30, 2022

Several hacker groups are assisting protestors in Iran using Telegram, Signal and other tools to bypass government censorship. The hackers are sharing tools and tips to bypass censorship, including opening VPN servers, to avoid restrictions introduced in the country following the death of Mahsa Amini. Pierluigi Paganini.

VPN

VPN Government Internet Internet

Russian communications watchdog Roskomnadzor blocks access to 6 VPNs

Security Affairs

SEPTEMBER 8, 2021

Russian communications watchdog Roskomnadzor tightens control of its citizens and blocked access to six virtual private networks (VPNs), including NordVPN and ExpressVPN. Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six virtual private networks (VPNs), Hola!VPN,

VPN

VPN Internet Internet Mobile

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

Security Affairs

JANUARY 17, 2020

Chinese authorities continue operations against unauthorized VPN services that are very popular in the country. China continues to intensify the monitoring of the cyberspace applying and persecution of VPN services that could be used to bypass its censorship system known as the Great Firewall. Pierluigi Paganini.

VPN

VPN Firewall Advertising Media

Russia restricts Twitter in the country amid conflict with Ukraine

Security Affairs

FEBRUARY 26, 2022

Global internet monitor working group NetBlocks reported that Twitter has been restricted in Russia amid conflict with Ukraine. Global internet monitor working organization NetBlocks shared its metrics confirming the restriction of Twitter in Russia from early morning amid conflict with Ukraine. SecurityAffairs – hacking, censorship).

Media

Media VPN Internet Internet

Everyday Threat Modeling

Daniel Miessler

SEPTEMBER 27, 2020

Example 2: Using a VPN. A lot of people are confused about VPNs. If you log in at the end website you’ve identified yourself to them, regardless of VPN. VPNs encrypt the traffic between you and some endpoint on the internet, which is where your VPN is based. The Government. This is true.

VPN

VPN Risk Hacking Encryption

Twitter restricted in Turkey after the earthquake amid disinformation fear

Security Affairs

FEBRUARY 9, 2023

Global internet monitor NetBlocks reported that Twitter has been restricted in Turkey in the aftermath of the earthquake. Global internet monitor NetBlocks reported that network data confirm that Twitter has been restricted in Turkey in the aftermath of the earthquake. ” reported Netblocks.

Internet

Internet Internet Media VPN

Security Affairs newsletter Round 402 by Pierluigi Paganini

Security Affairs

JANUARY 15, 2023

Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4 Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4 Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4 SecurityAffairs – hacking, newsletter).

Small Business

Small Business Password Management VPN Healthcare

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Volt Typhoon)

Small Business

Small Business Technology VPN Manufacturing

CISA published 2021 Top 15 most exploited software vulnerabilities

Security Affairs

APRIL 28, 2022

“Globally, in 2021, malicious cyber actors targeted internet-facing systems, such as email servers and virtual private network (VPN) servers, with exploits of newly disclosed vulnerabilities. SecurityAffairs – hacking, SolarMarker). This advisory also includes other frequently exploited vulnerabilities. Pierluigi Paganini.

Software

Software VPN Cybersecurity Internet

Iranian threat actors attempt to buy stolen data of US organizations, FBI warns

Security Affairs

NOVEMBER 11, 2021

Government experts also attempt to enable Remote Desktop Protocol (RDP) on victim machines or to bruteforce existing RDP accesses. The threat actors also heavily leverage VPNs services such as Private Internet Access, Atlas VPN, TiKNet VPN, VPN Master Lite, and CyberGhost. SecurityAffairs – hacking, Iran).

VPN

VPN Cybercrime Passwords Firewall

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Riley Kilmer is co-founder of Spur.us , a company that tracks thousands of VPN and proxy networks, and helps customers identify traffic coming through these anonymity services. as a media sharing device on a local network that was somehow exposed to the Internet. 2012, from an Internet address in Magnitogorsk, RU.

Malware

Malware Passwords Accountability Advertising

Black Hat insights: Will Axis Security’s ZTNA solution hasten the sunsetting of VPNs, RDP?

The Last Watchdog

JULY 30, 2021

Then a global pandemic came along and laid bare just how brittle company VPNs truly are. Criminal hackers recognized the golden opportunity presented by hundreds of millions employees suddenly using a company VPN to work from home and remotely connect to an array of business apps. Two sweeping trends resulted: one bad, one good.

VPN

VPN Firewall Encryption Accountability

CERT-UA warns of malspam attacks distributing the Jester info stealer

Security Affairs

MAY 9, 2022

Government experts observed that malicious executables are downloaded from compromised web resources. “The government’s team for responding to computer emergencies in Ukraine CERT-UA revealed the fact of mass distribution of e-mails on the topic of “chemical attack” and a link to an XLS-document with a macro.”

Password Management

Password Management VPN Cryptocurrency Government

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

Security Affairs

MAY 30, 2019

Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt. The study also revealed that two of those VPN products are under its other developer name, Lemon Clove, and another two by Autumn Breeze 2018. Innovative Connecting VPNs products.

VPN

VPN Small Business Mobile Advertising

Resilience lies with security: Securing remote access for your business

Webroot

OCTOBER 22, 2021

The most popular options include virtual private network (VPN) or remote desktop protocol (RDP). VPN works by initiating a secure connection over the internet through data encryption. One downside of using a VPN connection involves vulnerability. One downside of using a VPN connection involves vulnerability.

VPN

VPN Penetration Testing Education Security Awareness

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

In recent years, the researchers observed the group expanding its operations to include financial institutions and government entities. PingPull, was first spotted by Unit 42 in June 2022, the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications.

Malware

Malware Telecommunications Government VPN

CISA, FBI, and NSA published the list of 12 most exploited vulnerabilities of 2022

Security Affairs

AUGUST 3, 2023

” Government experts warn that in 2022, most of the exploited flaws were older software vulnerabilities and that threat actors targeted unpatched, internet-facing systems. According to the advisory, threat actors generally have the most success exploiting known vulnerabilities within the first two years of public disclosure.

Authentication

Authentication VPN Internet Internet

Security Affairs newsletter Round 269

Security Affairs

JUNE 21, 2020

SecurityAffairs – hacking, newsletter). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. The post Security Affairs newsletter Round 269 appeared first on Security Affairs.

DDOS

DDOS Spyware Mobile Advertising

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Security Affairs

FEBRUARY 17, 2020

Since early February, the Russian government has blocked other encrypted email and VPN services in Russia, including ProtonMail and ProtonVPN VPN service. The Russian government asks all Internet service providers and VPN providers operating in the country to provide information about their users.

Encryption

Encryption VPN Government Internet

7 Tactics Recently Used By SolarWinds Hackers

SecureWorld News

DECEMBER 8, 2021

The Russian-linked group, dubbed "Nobelium" by Microsoft, has continued its hacking campaigns targeting business and government entities around the globe, according to new research from Mandiant. Mandiant believes a misconfiguration by the threat actor meant that the VPN services running on the VPS stopped functioning after 8 hours.

VPN

VPN Authentication Mobile Internet

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server.

Ransomware

Ransomware VPN Cybercrime Accountability

SHARED INTEL: Here’s why CEOs who’ve quit Tweeting are very smart to do so

The Last Watchdog

MARCH 6, 2020

Tried-and-true hacking techniques continue to be highly effective at flushing out soft spots in legacy network defenses, even highly layered security systems. 19 on a hacking forum. Victims included celebrities, tech CEOs, reporters, government officials and employees at some of the world’s largest tech companies.

CISO

CISO VPN Digital transformation Internet

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The cyberespionage group continues to target members of defense companies, embassies, governments, and the military.

Phishing

Phishing Accountability Advertising DNS

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Volt Typhoon targets internet-facing Fortinet FortiGuard devices to achieve initial access to targeted organizations.

Accountability

Accountability VPN Manufacturing Firewall

Hacktivists Use Telegram, Signal, Dark Web to Assist Protestors in Iran

SecureWorld News

SEPTEMBER 30, 2022

Several hacktivist groups are utilizing resources such as Telegram, Signal, and the Dark Web to help protestors in Iran who are fighting back against the government's violent response to protests across the country. Telegram has been one of the most useful tools for the citizens of Iran. aerospace company.

Government

Government Telecommunications Encryption Internet

Secure Your Online Privacy: How to Choose the Best VPN in 2023

CyberSecurity Insiders

MARCH 21, 2023

With the increasing need for online privacy and security, Virtual Private Networks (VPNs) have become a popular solution for internet users. VPNs allow users to access the internet securely and privately by encrypting their internet traffic and hiding their IP addresses. What is a VPN?

VPN

VPN Internet Internet Encryption

The Origins and History of the Dark Web

Identity IQ

FEBRUARY 8, 2024

The Origins and History of the Dark Web IdentityIQ The dark web is a hidden part of the internet that cannot be accessed as easily. The dark web consists of websites and services that operate anonymously and aren’t accessible in the “public” part of the internet. The deep web is far and away the largest part of the internet.

Identity Theft

Identity Theft Cryptocurrency Government Engineering

Microsoft, CISA and NSA offer security tools and advice, but will you take it?

Malwarebytes

SEPTEMBER 29, 2021

Microsoft offers to help you with patching Exchange servers, CISA offers an insider threat tool, and together with the NSA they offer advice on how to choose and harden your VPN. The Information Sheet details considerations for selecting a remote access VPN, as well as actions to harden the VPN from compromise.

VPN

VPN Risk Education Cybersecurity

Russian internet watchdog Roskomnadzor bans six more VPN services

U.S. CISA: hackers breached a state government organization

Trending Sources

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

5 common VPN myths busted

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

CISA Order Highlights Persistent Risk at Network Edge

Social media partially disrupted in Cuba amid anti-government protests

A Deep Dive Into the Residential Proxy Service ‘911’

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Iran-linked APT group Pioneer Kitten sells access to hacked networks

MY TAKE: How consumer-grade VPNs are enabling individuals to do DIY security

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Hacker groups support protestors in Iran using Telegram, Signal and Darkweb

Russian communications watchdog Roskomnadzor blocks access to 6 VPNs

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

Russia restricts Twitter in the country amid conflict with Ukraine

Everyday Threat Modeling

Twitter restricted in Turkey after the earthquake amid disinformation fear

Security Affairs newsletter Round 402 by Pierluigi Paganini

China-linked APT Volt Typhoon linked to KV-Botnet

CISA published 2021 Top 15 most exploited software vulnerabilities

Iranian threat actors attempt to buy stolen data of US organizations, FBI warns

Giving a Face to the Malware Proxy Service ‘Faceless’

Black Hat insights: Will Axis Security’s ZTNA solution hasten the sunsetting of VPNs, RDP?

CERT-UA warns of malspam attacks distributing the Jester info stealer

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

Resilience lies with security: Securing remote access for your business

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

CISA, FBI, and NSA published the list of 12 most exploited vulnerabilities of 2022

Security Affairs newsletter Round 269

Russian govn blocked Tutanota service in Russia to stop encrypted communication

7 Tactics Recently Used By SolarWinds Hackers

Daixin Team targets health organizations with ransomware, US agencies warn

SHARED INTEL: Here’s why CEOs who’ve quit Tweeting are very smart to do so

Russia-linked APT28 has been scanning vulnerable email servers in the last year

China-linked APT Volt Typhoon targets critical infrastructure organizations

Hacktivists Use Telegram, Signal, Dark Web to Assist Protestors in Iran

Secure Your Online Privacy: How to Choose the Best VPN in 2023

The Origins and History of the Dark Web

Microsoft, CISA and NSA offer security tools and advice, but will you take it?

Stay Connected