Hacking, Manufacturing and VPN - Cyber Security Informer

VPN Android apps: What you should know

Malwarebytes

MAY 24, 2021

In just the past year, free VPN for Android apps have exposed the data of as many as 41 million users, revealing consumers’ email addresses, payment information, clear text passwords, device IDs, and more. All these people that work on [the VPN service], nobody is going to do it for free. There is no best free VPN for Android.

VPN

VPN Internet Internet Data breaches

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

This allowed ESET researchers to identify devices previously used in a data center/ cloud computing business (specifically, a router provisioning a university’s virtualized assets), a nationwide US law firm, manufacturing and tech companies, a creative firm, and a major Silicon Valleybased software developer, among others.”

Hacking

Hacking VPN Marketing Authentication

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Security Affairs

DECEMBER 5, 2021

Researchers discovered a total of 226 potential security vulnerabilities in nine Wi-Fi popular routers from known manufacturers. Since the integration of a new kernel into the firmware is costly, no manufacturer was up to date here. The experts shared their findings with the manufacturers, most of the flaws have been already fixed.

Manufacturing

Manufacturing IoT Firmware VPN

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network. .” SecurityAffairs – hacking, DrayTek Vigor).

Hacking

Hacking Internet Internet Passwords

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Hacking

Hacking VPN Advertising Financial Services

China-linked Flax Typhoon APT targets Taiwan

Security Affairs

AUGUST 25, 2023

Microsoft has not observed The group has been active since mid-2021, it focuses on government agencies and education, critical manufacturing, and information technology organizations in Taiwan. The state sponsored hackers also uses the VPN access to scan for vulnerabilities in targeted organizations. ” continues the report.

VPN

VPN Manufacturing Education Hacking

Security Affairs newsletter Round 377

Security Affairs

AUGUST 7, 2022

SecurityAffairs – hacking, newsletter). Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 Pierluigi Paganini.

Spyware

Spyware Manufacturing Small Business Surveillance

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Security Affairs

MAY 24, 2024

For instance, suppose firewall manufacturer ACME Inc. For instance, suppose firewall manufacturer ACME Inc. While this service facilitates the setup of VPN systems in the absence of a static IP, it inadvertently encourages the exposure of the appliance’s administrative interface to the Internet.

DNS

DNS Manufacturing Firewall Internet

Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

Security Affairs

JUNE 13, 2023

. “A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiProxy SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.” If the customer is not operating SSL-VPN the risk of this issue is mitigated – however, Fortinet still recommends upgrading.”

Firewall

Firewall VPN Firmware Manufacturing

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer. “Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN.

Cryptocurrency

Cryptocurrency VPN Manufacturing Firewall

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – Hacking, Volt Typhoon)

Energy and Utilities

Energy and Utilities VPN Manufacturing Firewall

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

The Last Watchdog

NOVEMBER 11, 2020

From a business perspective, managing and resetting passwords chews up scarce resources, and yet even with the best possible maintenance passwords are trivial to hack. This is a type of advanced, brute-force hacking that leverages automation. For most of the Internet era, we’ve learned to live with these tradeoffs. and across Europe.

Authentication

Authentication VPN Passwords Hacking

Security Affairs newsletter Round 326

Security Affairs

AUGUST 8, 2021

Ivanti fixed a critical code execution issue in Pulse Connect Secure VPN RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna VMware addresses critical flaws in its products CVE-2021-20090 actively exploited to target millions of IoT devices worldwide RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE.

VPN

VPN Ransomware Manufacturing IoT

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

FEBRUARY 8, 2024

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Government VPN Manufacturing

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

JANUARY 12, 2022

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. SecurityAffairs – hacking, RedLine malware). Follow me on Twitter: @securityaffairs and Facebook.

Malware

Malware Manufacturing Cryptocurrency Cybercrime

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware

Ransomware Manufacturing Healthcare Education

Brute Force attack launched by Russia APT28 using Kubernetes

CyberSecurity Insiders

JULY 2, 2021

But a new discovery made by the National Security Agency(NSA) of United States has revealed that Russian hacking group APT28 is launching Brute Force Cyber Attacks using Kubernetes to ensure anonymity. APT28 aka Fancy Bear or Strontium is a hacking group that is funded by Russian Military Intelligence.

System Administration

System Administration VPN Manufacturing Authentication

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. “The Microsoft Digital Crimes Unit (DCU) has disrupted the activities of a China-based hacking group that we call Nickel.

VPN

VPN Manufacturing Government Hacking

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Cryptocurrency Cybercrime VPN

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Volt Typhoon)

Small Business

Small Business Technology VPN Manufacturing

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Telecommunications Technology Government

Two critical flaws affect CODESYS ICS Automation Software

Security Affairs

JUNE 27, 2022

.” The Chinese researchers who discovered the vulnerabilities pointed out that CODESYS V2 Runtime is used by many manufacturers, and most of these manufacturers still use outdated versions. The vulnerabilities affect a large number of manufacturers using a version of CODESYS V2 Runtime older than V2.4.7.57.

Software

Software Manufacturing Firmware Risk

Hive Ransomware Tor leak site apparently seized by law enforcement

Security Affairs

JANUARY 26, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware VPN Manufacturing Healthcare

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Accountability

Accountability VPN Manufacturing Firewall

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

DECEMBER 16, 2021

of all systems targeted by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in multiple industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. SecurityAffairs – hacking, PseudoManuscrypt). Pierluigi Paganini.

Spyware

Spyware Energy and Utilities Malware Engineering

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

. “As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert. Pierluigi Paganini.

Ransomware

Ransomware Financial Services Passwords VPN

Which is the Threat landscape for the ICS sector in 2020?

Security Affairs

MARCH 22, 2021

Building automation, automotive manufacturing, energy and oil & gas, suffered major increases in the ICS engineering sector. Computers that use VPN software are less exposed to online threats, but unfortunately, they represent only 15% of the total. Such threats were blocked more often on computers with VPN software.”

Engineering

Engineering VPN Software Accountability

Hades ransomware gang targets big organizations in the US

Security Affairs

MARCH 26, 2021

Experts discovered that threat actors targeted a large US transportation & logistics organization, a large US consumer products organization, and a global manufacturing organization. SecurityAffairs – hacking, Hades ransomware). At the time of this writing, it is unclear if the Hades gang operates a ransom-as-a-service model.

Ransomware

Ransomware Encryption Malware VPN

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams

Scams DDOS Cryptocurrency Accountability

Hackers target zero-day flaws in enterprise Draytek network devices

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. If you have not updated the firmware yet, disable remote access (admin) and SSL VPN. SecurityAffairs – DrayTek, hacking).

Firmware

Firmware VPN Accountability Advertising

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances. SecurityAffairs – hacking, China). CVE-2019-19781 enabled the actors to execute directory traversal attacks.[ “According to a recent U.S.

Government

Government VPN Firmware Energy and Utilities

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Consider installing and using a VPN. SecurityAffairs – hacking, FBI). Install and regularly update anti-virus and anti-malware software on all hosts. Disable hyperlinks in received emails.

Ransomware

Ransomware Passwords Backups Firmware

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Consider installing and using a VPN.

Ransomware

Ransomware DDOS Passwords Backups

21 million free VPN users’ data exposed

Malwarebytes

MARCH 3, 2021

Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. So this is a mess, and a timely reminder of why trust in a VPN provider is so crucial. Past VPN errors.

VPN

VPN Passwords Internet Internet

Vital Tips & Resources to Improve Your Internet Safety

CyberSecurity Insiders

DECEMBER 18, 2021

When device manufacturers and software developers find out about bugs, they immediately release a patch to fix them. Once a site is hacked and criminals get access to the username and password you use there, they can try them on major online banking systems. Keep All Your Devices Up to Date.

Internet

Internet Internet Passwords Banking

A mysterious code prevents QNAP NAS devices to be updated

Security Affairs

FEBRUARY 11, 2019

Users of the Network attached storage devices manufactured have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. SecurityAffairs – NAS, hacking). QNAP hasn’t confirmed that the incidents were caused by a malware. ” wrote the user P3R.

Antivirus

Antivirus Firmware Advertising VPN

Key aerospace player Safran Group leaks sensitive data

Security Affairs

MARCH 15, 2023

It collaborates with Airbus, the second-largest aerospace company globally after Boeing, to manufacture aerospace equipment. Also, the company manufactures surface-to-air defense systems and missiles. It is crucial to ensure that leaked keys are in longer bit-lengths and encoded using secure encryption/hashing algorithms.

Manufacturing

Manufacturing Media Accountability Risk

The Hacker Mind Podcast: Hacking the Art of Invisibility

ForAllSecure

MARCH 1, 2022

I mean, there are so many positive stories about people who are hacking for a living and doing good things because of it. Welcome to the hacker mind that original podcast from for all secure it's about challenging our expectations about the people who hack for a living. And I use a VPN that doesn't log my websites.

Hacking

Hacking Mobile Cryptocurrency VPN

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Nobody told them that their coffee machine could be hacked into or that their camera could be used to launch a DDoS attack. The Flaws in Manufacturing Process. Manufacturers saw this as an opportunity and rushed in to grab their own piece of the IoT market. It can be prevented through the use of an online VPN.

IoT

IoT Cybersecurity Manufacturing Internet

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

According to the flash alert published by the FBI, the Mamba ransomware was employed in attacks against local governments, public transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses. Consider installing and using a VPN. Pierluigi Paganini.

Ransomware

Ransomware Encryption Passwords Malware

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Both tools could be used to target SOHO and other routers manufactured by major industry providers, including Cisco, Fortinet, and MikroTik. Enforce MFA on all VPN connections [ D3-MFA ]. SecurityAffairs – hacking, China-linked threat actors). Enforce multifactor authentication (MFA) for all users, without exception [ D3-MFA ].

Telecommunications

Telecommunications Authentication Passwords Accountability

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Hacking

Hacking Ransomware Manufacturing Healthcare

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. As if that were not enough, many IoT devices have unalterable main passwords set by manufacturers. Another type of service sold on the dark web is IoT hacking.

IoT

IoT DDOS Passwords Malware

VPN Android apps: What you should know

Hackers can hack organizations using data found on their discarded enterprise network equipment

Trending Sources

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Iran-linked APT group Pioneer Kitten sells access to hacked networks

China-linked Flax Typhoon APT targets Taiwan

Security Affairs newsletter Round 377

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

Security Affairs newsletter Round 326

US offers $10 million reward for info on Hive ransomware group leaders

New RedLine malware version distributed as fake Omicron stat counter

FBI and CISA warn of attacks by Rhysida ransomware gang

Brute Force attack launched by Russia APT28 using Kubernetes

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

French authorities arrested a Russian national for his role in the Hive ransomware operation

China-linked APT Volt Typhoon linked to KV-Botnet

FBI chief says China is preparing to attack US critical infrastructure

Two critical flaws affect CODESYS ICS Automation Software

Hive Ransomware Tor leak site apparently seized by law enforcement

China-linked APT Volt Typhoon targets critical infrastructure organizations

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Which is the Threat landscape for the ICS sector in 2020?

Hades ransomware gang targets big organizations in the US

Interview With a Crypto Scam Investment Spammer

Hackers target zero-day flaws in enterprise Draytek network devices

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

FBI warns of ransomware attacks targeting the food and agriculture sector

Avoslocker ransomware gang targets US critical infrastructure

21 million free VPN users’ data exposed

Vital Tips & Resources to Improve Your Internet Safety

A mysterious code prevents QNAP NAS devices to be updated

Key aerospace player Safran Group leaks sensitive data

The Hacker Mind Podcast: Hacking the Art of Invisibility

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

FBI published a flash alert on Mamba Ransomware attacks

China-linked threat actors have breached telcos and network service providers

Rhysida ransomware group hacked Abdali Hospital in Jordan

Overview of IoT threats in 2023

Stay Connected