article thumbnail

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

article thumbnail

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. “Rust payloads detected by Volexity team turn out to be pretty interesting Sliver downloaders as they were executed on Ivanti Connect Secure VPN after the exploitation of CVE-2024-21887 and CVE-2023-46805.

VPN 91
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Through forensic analysis of the memory sample, Volexity was able to recreate two proof-of-concept exploits that allowed full unauthenticated command execution on the ICS VPN appliance.

VPN 83
article thumbnail

Russia bans Opera VPN and VyprVPN, classifies them as threats

Bleeping Computer

Roskomnadzor, Russia's telecommunications watchdog, has banned the use of Opera VPN and VyprVPN after classifying them as threats according to current Russian law. [.].

VPN 116
article thumbnail

Russia bans VyprVPN, Opera VPN services for not complying with blacklist request

The Hacker News

Russia's telecommunications and media regulator Roskomnadzor (RKN) on Thursday introduced restrictions on the operation of VyprVPN and Opera VPN services in the country. "In

VPN 99
article thumbnail

Unpatched Fortinet VPN Devices Are Attacked by New Cring Ransomware

Heimadal Security

The Cring ransomware, also known as Crypt3r, Vjiszy1lo, Ghost, Phantom, became noticeable in January when it was found by Amigo_A and spotted by the CSIRT team of Swiss telecommunications […]. The post Unpatched Fortinet VPN Devices Are Attacked by New Cring Ransomware appeared first on Heimdal Security Blog.

VPN 70
article thumbnail

Hackers Were Inside Citrix for Five Months

Krebs on Security

It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection. Iranian hackers recently have been blamed for hacking VPN servers around the world in a bid to plant backdoors in large corporate networks.

VPN 351