Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Experts also spotted a tainted version of the Psiphon tool, an open-source VPN software used to evade internet censorship. Pierluigi Paganini.

VPN 123

VPN Internet Internet Software 123

Security Affairs

DECEMBER 10, 2022

Censys researchers warn of more than 4,000 vulnerable Pulse Connect Secure hosts exposed to the Internet. Pulse Connect Secure is a widely-deployed SSL VPN solution for remote and mobile users, for this reason, it is a target of attacks by multiple threat actors. ” reads the post published by Censys.

Internet 107

Internet Internet VPN Mobile 107

Security Affairs

APRIL 6, 2020

DarkHotel nation-state actor is exploiting a VPN zero -day to breach Chinese government agencies in Beijing and Shanghai. Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai. ” continues the researchers.

VPN 128

VPN Government Advertising Firmware 128

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 114

VPN Hacking Authentication Government 114

Security Affairs

APRIL 6, 2024

is a heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, x) and Ivanti Policy Secure that allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. The flaw CVE-2024-21894 (CVSS score 8.2)

VPN 113

VPN Internet Internet Hacking 113

Security Affairs

APRIL 6, 2024

.” The flaw impacts all software releases for the following Cisco RV Series Small Business Routers: RV016 Multi-WAN VPN Routers RV042 Dual WAN VPN Routers RV042G Dual Gigabit WAN VPN Routers RV082 Dual WAN VPN Routers RV320 Dual Gigabit WAN VPN Routers RV325 Dual Gigabit WAN VPN Routers To mitigate this vulnerability on Cisco Small Business RV320 (..)

Small Business 133

Small Business VPN Wireless Software 133

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. Europol said. Pierluigi Paganini.

VPN 82

VPN Cybercrime Ransomware Advertising 82

Security Affairs

NOVEMBER 2, 2021

Researchers from Rapid7 reported that of the 60,000 internet-facing GitLab installations: 21% of installs are fully patched against this issue. In addition, ideally, GitLab should not be an internet facing service. If you need to access your GitLab from the internet, consider placing it behind a VPN.”

Internet 129

Internet Internet VPN Hacking 129

Security Affairs

NOVEMBER 29, 2022

Now Cyble researchers reported more than 100,000 FortiGate firewalls accessible from the internet that may be targeted by threat actors if not patched yet. The sensitive system information, system configurations, and network details might be further distributed over the darkweb. ” concludes the post. Pierluigi Paganini.

VPN 100

VPN Firewall Authentication Internet 100

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. SocksEscort began in 2009 as “ super-socks[.]com

Malware 203

Malware VPN Internet Internet 203

Security Affairs

JANUARY 1, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. 2020 VPN series running firmware ZLD V4.60 They could also intercept traffic or create VPN accounts to gain access to the network behind the device. Patch1 in Dec. 2020 USG series running firmware ZLD V4.60 Patch1 in Dec.

Firewall 139

Firewall VPN Firmware Passwords 139

Security Affairs

NOVEMBER 11, 2021

Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. Experts pointed out that this port is often accessible over the Internet. 2021-11-10: PAN released patches and a security bulletin assigning the vulnerability CVE-2021-3064. Pierluigi Paganini.

VPN 104

VPN Firewall Internet Internet 104

Security Affairs

FEBRUARY 12, 2024

Also, consider using a Virtual Private Network (VPN) to encrypt your data and make it unreadable to hackers. Packet sniffing isn’t always illegal – IT departments use it to maintain security but it’s also a favorite tool for cybercriminals looking to steal passwords and other sensitive information.

DNS 123

DNS VPN Encryption Passwords 123

Lenny Zeltser

JULY 6, 2017

When analyzing malware or performing other security research, it’s often useful to tunnel connections through a VPN in a public cloud. Moreover, by using VPN exit nodes in different cities and even countries, the researcher can explore the target from multiple geographic vantage points, which sometimes yields additional findings.

VPN 111

VPN Software DNS Internet 111

Security Affairs

FEBRUARY 16, 2024

The threat actor compromised network administrator credentials through the account of a former employee that was used to successfully authenticate to an internal virtual private network (VPN) access point. The government organization also hosts its sensitive data on an Azure environment which was not accessed by the attackers.

Government 130

Government VPN Accountability Authentication 130

Security Affairs

JANUARY 17, 2020

Chinese authorities continue operations against unauthorized VPN services that are very popular in the country. China continues to intensify the monitoring of the cyberspace applying and persecution of VPN services that could be used to bypass its censorship system known as the Great Firewall. Pierluigi Paganini.

VPN 64

VPN Firewall Advertising Media 64

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 83

Firewall VPN Firmware Internet 83

Security Affairs

SEPTEMBER 8, 2021

Russian communications watchdog Roskomnadzor tightens control of its citizens and blocked access to six virtual private networks (VPNs), including NordVPN and ExpressVPN. Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six virtual private networks (VPNs), Hola!VPN,

VPN 75

VPN Internet Internet Mobile 75

Security Affairs

JUNE 19, 2021

North Korea-linked APT group Kimsuky allegedly breached South Korea’s atomic research agency KAERI by exploiting a VPN vulnerability. The security breach took place on on May 14, and the institute discovered it only on May 31, then the research institute reported the incident to the government and launched an investigation.

Hacking 140

Hacking VPN Internet Internet 140

The Last Watchdog

OCTOBER 24, 2022

Use a corporate VPN. Encrypting data on corporate devices can prevent hackers from accessing sensitive information. The best way to protect data in this way is to set up a corporate VPN (a virtual private network). VPNs allow employees to connect to the internet securely while hiding the company’s IP address.

Passwords 214

Passwords Security Awareness Data breaches Cybersecurity 214

Security Affairs

JANUARY 21, 2023

Researchers warn of about 19,500 end-of-life Cisco VPN routers on the Internet that are exposed to the recently disclosed RCE exploit chain. The IT giant announced that these devices will receive no security updates to address the bug because they have reached end of life (EoL). ” reads the report published by Censys. .

Hacking 96

Hacking Small Business VPN Internet 96

Webroot

APRIL 3, 2024

Update your Internet browser Browser updates often contain security patches that address known vulnerabilities. Don’t ignore those update prompts — they could be the key to keeping your identity and online activities secure. Make sure to keep it updated to guard against the latest threats.

VPN 83

VPN Passwords Scams Accountability 83

Security Affairs

JUNE 1, 2023

through 4.73, VPN series firmware versions 4.60 VPN ZLD V4.60 The researchers warned that as of May 19, there were at least 42,000 instances of Zyxel devices on the public internet. Internet-wide sweeps seen by over 700 of our IKEv2 aware honeypot sensors, since May 26th. ” reads the advisory published by NIST.

Firewall 91

Firewall Firmware VPN DDOS 91

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 106

VPN Cybercrime Ransomware Hacking 106

Daniel Miessler

SEPTEMBER 27, 2020

Example 2: Using a VPN. A lot of people are confused about VPNs. They think it’s giving them security that it isn’t because they haven’t properly understood the tech and haven’t considered the attack scenarios. If you log in at the end website you’ve identified yourself to them, regardless of VPN.

VPN 326

VPN Risk Hacking Encryption 326

Security Affairs

DECEMBER 29, 2022

The vendor pointed out that only appliances that are operating as a Gateway (appliances using the SSL VPN functionality or deployed as an ICA proxy with authentication enabled) are impacted. . The researchers initially scanned the Internet for Citrix servers and found around 28.000 installs as of November 11, 2022.

VPN 95

VPN Internet Internet Authentication 95

Security Affairs

APRIL 19, 2022

” The vendor also recommends enabling the VPN server function on the user router to access QNAP NAS from the Internet. Users can also remotely connect their devices by enabling the VPN server on QNAP NAS by installing the QVPN Service app or deploying QuWAN, SD-WAN solution. For example, change 8080 to 9527.

VPN 103

VPN Internet Internet Firewall 103

Security Affairs

SEPTEMBER 30, 2022

The hackers are sharing tools and tips to bypass censorship, including opening VPN servers, to avoid restrictions introduced in the country following the death of Mahsa Amini. Multiple groups were observed providing a list of proxies and VPN that help to bypass the censorship, along with reports on the internet status in Iran.

VPN 88

VPN Government Internet Internet 88

Security Affairs

MAY 1, 2024

Researchers at Lumen’s Black Lotus Labs discovered a new malware family, named Cuttlefish, which targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data from internet traffic. ” concludes the report.

Malware 101

Malware DNS Authentication Telecommunications 101

Security Affairs

MAY 30, 2019

Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt. The study also revealed that two of those VPN products are under its other developer name, Lemon Clove, and another two by Autumn Breeze 2018. Innovative Connecting VPNs products.

VPN 100

VPN Small Business Mobile Advertising 100

Security Affairs

JANUARY 17, 2024

The vendor recommends that customers do not expose the management interface to the internet, as explained in the secure deployment guide. To be exploited the appliance must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server. The vulnerability CVE-2023-6549 is a Denial of Service.

VPN 107

VPN Software Authentication Internet 107

Security Affairs

FEBRUARY 9, 2023

Global internet monitor NetBlocks reported that Twitter has been restricted in Turkey in the aftermath of the earthquake. Global internet monitor NetBlocks reported that network data confirm that Twitter has been restricted in Turkey in the aftermath of the earthquake. ” reported Netblocks.

Internet 79

Internet Internet Media VPN 79

CyberSecurity Insiders

DECEMBER 12, 2021

There are several services on the internet that allow you to send emails that are encrypted with a password. ProtonMail comes with PGP fully integrated, thus allowing you to send sensitive information securely without any extra effort. Just select the right app, create a secure channel, and you are good to go.

VPN 107

VPN Passwords Encryption Mobile 107

Security Affairs

JULY 22, 2023

through 4.73, VPN series firmware versions 4.60 The researchers warned that as of May 19, there were at least 42,000 instances of Zyxel devices on the public internet. Since the vulnerability is in the VPN service, which is enabled by default on the WAN, we expect the actual number of exposed and vulnerable devices to be much higher.”

DDOS 96

DDOS Firmware VPN Firewall 96

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

FEBRUARY 4, 2023

The attack vector of this exploit requires access to the administrative console of the application, which in most cases is accessible only from within a private company network, through VPN, or by allow-listed IP addresses (when running in cloud environments, such as Azure or AWS).” ” reads the advisory.

Internet 93

Internet Internet VPN Hacking 93

Security Affairs

JULY 13, 2021

.” Confirmed: Social media and messaging platforms restricted in #Cuba from Monday on state-run internet provider ETECSA; real-time network data corroborate reports of internet disruptions amid widening anti-government protests; incident ongoing #CubaSOS [link] pic.twitter.com/kY3G1qMAse — NetBlocks (@netblocks) July 12, 2021.

Media 93

Media Government Internet Internet 93