Security Affairs

FEBRUARY 9, 2024

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. The vendor recommends to disable SSL VPN as a workaround. “Workaround : disable SSL VPN (disable webmode is NOT a valid workaround). ” reads the advisory.

VPN 101

VPN Firmware Malware Government 101

Trend Micro

MARCH 28, 2023

We discovered a new malware, which we named “OpcJacker” (due to its opcode configuration design and its cryptocurrency hijacking ability), that has been distributed in the wild since the second half of 2022.

Malware 124

Malware VPN Cryptocurrency 124

Security Affairs

AUGUST 22, 2023

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate.

VPN 88

VPN Ransomware Hacking Education 88

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 203

Malware VPN Internet Internet 203

Penetration Testing

JANUARY 28, 2024

Recently, QuoIntelligence has uncovered a previously unknown and undetected variant of the WIREFIRE web shell, a Python-based implant found in Ivanti Connect Secure (ICS) VPN compromised appliances (CVE-2023-21887 and CVE-2023-46805).

VPN 107

VPN Penetration Testing Cybersecurity Malware 107

Bleeping Computer

JANUARY 18, 2022

Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors. [.].

VPN 145

VPN Ransomware Malware 145

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources.

Malware 100

Malware DNS Authentication Telecommunications 100

The Last Watchdog

SEPTEMBER 13, 2021

Thus, Surfshark has just become the first VPN provider to launch an antivirus solution as part of its all-in-one security bundle Surfshark One. Related: Turning humans into malware detectors. LW: Why are consumer VPNs generally in a good position to fill this gap? Which was fine when you had only a handful of VPN users or uses.

Antivirus 200

Antivirus VPN Marketing Digital transformation 200

Penetration Testing

APRIL 4, 2024

In yet another instance highlighting the dangers of malvertising, the popular VPN service NordVPN has become the latest target of cybercriminals.

Penetration Testing 87

Penetration Testing Malware VPN 87

eSecurity Planet

AUGUST 2, 2022

Linux malware is skyrocketing and now surpasses both macOS and Android, according to a new report, suggesting that cybercriminals are increasingly targeting the open source operating system. The Linux malware growth has occurred even as Windows, Android and macOS have all seen a decline in new malware samples.

Malware 137

Malware VPN Encryption Marketing 137

Security Boulevard

JANUARY 12, 2024

The post Ivanti VPN Zero-Day Combo Chained ‘by China’ appeared first on Security Boulevard. Under active exploitation since last year—but still no patch available.

VPN 83

VPN Data privacy Security Awareness Risk 83

The Hacker News

APRIL 23, 2021

Cybersecurity and Infrastructure Security Agency (CISA) has disclosed details of a new advanced persistent threat (APT) that's leveraging the Supernova backdoor to compromise SolarWinds Orion installations after gaining access to the network through a connection to a Pulse Secure VPN device.

VPN 126

VPN Malware Cybersecurity 126

Zero Day

MAY 28, 2021

There are now at least 16 malware families designed to compromise Pulse Secure VPN products.

VPN 114

VPN Malware 114

Heimadal Security

JANUARY 16, 2023

The VPN market has grown considerably in the last few years due to the increasing popularity of VPN technologies. However, corrupted VPN installers have been used by threat actors to deliver a piece of spyware called EyeSpy, as part of a malware campaign that started in May 2022.

Spyware 76

Spyware VPN Marketing Technology 76

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN 124

VPN Firewall Accountability Cybersecurity 124

Security Affairs

DECEMBER 2, 2021

Russia’s internet watchdog, ‘Roskomnadzor’, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia. Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six more VPN services. SecurityAffairs – hacking, VPN services). Pierluigi Paganini.

VPN 115

VPN Internet Internet Media 115

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information.

VPN 130

VPN Government Malware Hacking 130

Security Affairs

JANUARY 20, 2023

An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day. firewalls, IPSIDS appliances etc.).

VPN 97

VPN Firewall Internet Internet 97

Bleeping Computer

JANUARY 20, 2023

Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and an African MSP with a new custom 'BOLDMOVE' Linux and Windows malware. [.]

Malware 121

Malware VPN Government 121

Security Affairs

JANUARY 12, 2023

Recently patched Fortinet FortiOS SSL-VPN zero-day exploited in attacks against government organizations and government-related targets. Fortinet researchers reported how threat actors exploited the recently patched FortiOS SSL-VPN vulnerability ( CVE-2022-42475 ) in attacks against government organizations and government-related targets.

VPN 88

VPN Malware Engineering Government 88

The Hacker News

APRIL 3, 2023

A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign.

Malware 95

Malware VPN Cryptocurrency 95

Security Affairs

DECEMBER 22, 2020

A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN services. ” The three VPN bulletproof services were hosted at insorg.org , safe-inet.com , and safe-inet.net, their home page currently displays a law enforcement banner. day to $190/year.

VPN 116

VPN Cybercrime Advertising Accountability 116

CyberSecurity Insiders

FEBRUARY 16, 2021

2021 Research Highlights Growing Security Vulnerabilities Around Targeted Social Engineering, Ransomware and Malware Attacks. To download the full study, see the Zscaler 2021 VPN Risk Report. For the last three decades, VPNs have been deployed to provide remote users with access to resources on corporate networks. Zscaler, Inc.

VPN 125

VPN Risk Digital transformation Social Engineering 125

Security Affairs

MARCH 11, 2024

The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. The group focuses on internet-facing services, in at least one instance the group exploited the vulnerability CVE-2024-21887 in Ivanti Connect Secure VPN. 4 Run a Linux command in a separate thread.

Malware 99

Malware VPN Encryption Hacking 99

Security Affairs

FEBRUARY 1, 2024

Mandiant researchers recently discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices. The software firm recommends importing the “mitigation.release.20240126.5.xml” 20240126.5.xml”

VPN 101

VPN Authentication Software Malware 101

Security Affairs

FEBRUARY 6, 2024

China-linked APT group breached the Dutch Ministry of Defence last year and installed malware on compromised systems. The RAT is used as second-stage malware, the experts pointed out that it doesn’t exploit a new vulnerability. COATHANGER is a stealthy malware that hooks system calls that could reveal its presence.

Malware 106

Malware Firmware VPN Backups 106

Heimadal Security

SEPTEMBER 9, 2021

The threat actor says that the exploited Fortinet vulnerability has been patched but, many VPN credentials remain valid. This could be considered a serious incident as the leaked VPN credentials could allow malicious actors to access a network and perform data exfiltration, install malware, and launch ransomware attacks.

VPN 84

VPN Passwords Ransomware Malware 84

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. ” reads the report published by FireEye. ” continues the report.

VPN 114

VPN Hacking Authentication Government 114

Security Boulevard

MARCH 25, 2021

Malware targeting Apple’s macOS is on the rise—and fast—according to an investigation by Atlas VPN, which reported 674,273 new malware samples were found in 2020, up from just 56,556 samples detected in 2019. The post Report Finds Surge in Malware Aimed at MacOS appeared first on Security Boulevard.

Malware 141

Malware VPN Cybersecurity 141

Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Experts also spotted a tainted version of the Psiphon tool, an open-source VPN software used to evade internet censorship. Pierluigi Paganini.

VPN 123

VPN Internet Internet Software 123

CyberSecurity Insiders

DECEMBER 27, 2021

If you are in thinking that your PC or computing device is secure enough as it is loaded with an anti-malware solution, you better change your viewpoint. As some hackers have developed a malware that uses code signing certificates to avoid detection by security defenses and has the tendency to download payloads onto a compromised system.

Malware 124

Malware Adware Security Defenses Spyware 124

Threatpost

JUNE 9, 2021

Attackers accessed a VPN account that was no longer in use to freeze the company’s network in a ransomware attack whose repercussions are still vibrating.

VPN 128

VPN Passwords Accountability Ransomware 128

Heimadal Security

MARCH 7, 2023

An ongoing campaign is targeting business routers using a new malware, the HiatusRAT router malware. DrayTek Vigor are VPN routers largely used by small and medium-size companies. Details […] The post Find Out More About the New HiatusRAT Router Malware appeared first on Heimdal Security Blog.

Malware 90

Malware VPN Cybersecurity 90

Bleeping Computer

MAY 28, 2021

Chinese threat groups continue to deploy new malware strains on the compromised network of dozens of US and EU organizations after exploiting vulnerable Pulse Secure VPN appliances. [.].

Malware 144

Malware VPN 144

Security Affairs

OCTOBER 3, 2023

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023.

Advertising 117

Advertising Cybercrime Malware Cryptocurrency 117

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. SecurityAffairs – hacking, Fortinet VPN).

VPN 96

VPN Ransomware Antivirus Firmware 96

Security Boulevard

NOVEMBER 7, 2021

A VPN or a Virtual Private Network provides the solution to many security issues, but you can still get hacked while using it. For example, if you install malware or share your username and password with anyone, a VPN cannot protect you. Similarly, there are certain other technical loopholes with using a VPN that might [.].

VPN 52

VPN Hacking Passwords Malware 52