2014, Authentication and VPN - Cyber Security Informer

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN

VPN Passwords Banking Advertising

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory.

VPN

VPN Government Authentication Advertising

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Security Affairs

OCTOBER 16, 2020

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN

VPN Firewall Advertising Internet

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

The Last Watchdog

NOVEMBER 11, 2020

As a tradeoff for enjoying our digital lives, we’ve learned to live with password overload and even tolerate two-factor authentication. I had a chance to discuss this seminal transition with George Avetisov, co-founder and chief executive officer of HYPR , a Manhattan-based supplier of advanced authentication technologies.

Authentication

Authentication VPN Passwords Hacking

VPN apps insecurely store session cookies in memory and log files

Security Affairs

APRIL 12, 2019

At least four VPN apps sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC). Virtual private networks (VPNs) are affordable, easy to use, and a vital component in your system. What if these VPNs are vulnerable to attackers? 8.3R6, and 9.0R2.

VPN

VPN Marketing Authentication Small Business

The strengths and weaknesses of different VPN protocols

Security Affairs

APRIL 26, 2019

One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. However, the speed comes at the cost of encryption.

VPN

VPN Encryption Firewall Internet

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes.

VPN

VPN Hacking IoT Advertising

Ukraine Nabs Suspect in 773M Password ?Megabreach?

Krebs on Security

MAY 19, 2020

“In fact, large aggregations of stolen credentials have been around since 2013-2014. For example, as recently as earlier this month, Intel 471 spotted Sanix selling access to nearly four dozen universities worldwide, and to a compromised VPN account for the government of San Bernadino, Calif.

Passwords

Passwords Accountability Hacking Password Management

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Security Affairs

DECEMBER 5, 2019

Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel. The experts explained that in this way, it is possible to hijack active connections within the VPN tunnel. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Encryption Advertising Authentication

Cisco fixes 5 critical flaws that could allow router firewall takeover

Security Affairs

JULY 16, 2020

Cisco addresses a critical remote code execution (RCE), authentication bypass, and static default credential flaws that could lead to full router takeover. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firewall

Firewall Small Business Wireless Advertising

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

“I was able to answer the credit report questions successfully, which authenticated me to their system,” Turner said. That’s because Experian does not offer any type of multi-factor authentication options on consumer accounts. But now he’s wondering what else he could do to prevent another account compromise.

Accountability

Accountability Passwords Authentication Password Management

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Social Engineering

Social Engineering VPN Phishing Authentication

Palo Alto Networks addresses tens of serious issues in PAN-OS

Security Affairs

MAY 15, 2020

One of the most severe vulnerabilities, tracked as CVE-2020-2018 , is an authentication bypass vulnerability in the Panorama context switching feature. This vulnerability does not impact Panorama configured with custom certificates authentication for communication between Panorama and managed devices. The issue received a CVSSv3.1

Firewall

Firewall Authentication Advertising VPN

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

“Two of the most common vulnerabilities exploited by actors using Netwalker are Pulse Secure VPN (CVE-2019-11510) and Telerik UI (CVE-2019-18935).” “Two of the most common vulnerabilities exploited by actors using Netwalker are Pulse Secure VPN (CVE-2019-11510) and Telerik UI (CVE-2019-18935).”

Ransomware

Ransomware VPN Advertising Government

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Security Affairs

JUNE 29, 2020

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. OS ) that powers its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. x base score of 10. . x base score of 10. Pierluigi Paganini.

Firewall

Firewall Authentication VPN Advertising

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

Security Affairs

OCTOBER 22, 2019

NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. . Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. .

VPN

VPN Hacking Advertising Passwords

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

Make RDP available only through a corporate VPN. Use Network Level Authentication (NLA). If possible, enable two-factor authentication. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Passwords

Passwords Advertising Authentication VPN

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware VPN Advertising Marketing

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

Passwords associated with external authentication systems such as AD or LDAP are unaffected. Login credentials associated with external authentication systems (i.e. A list of the user IDs permitted to use the firewall for SSL VPN and accounts that were permitted to use a “clientless” VPN connection. Pierluigi Paganini.

Firewall

Firewall Ransomware Passwords VPN

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

SEPTEMBER 9, 2020

Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware Energy and Utilities VPN Advertising

Flaws in leading industrial remote access systems allow disruption of operations

Security Affairs

OCTOBER 1, 2020

The Agency confirmed that an authenticated attacker with access to the solution via a general license could exploit the flaws to trigger a DoS condition or to achieve arbitrary information disclosure and data manipulation. Also recognize that VPN is only as secure as the connected devices. Pierluigi Paganini.

Advertising

Advertising Authentication VPN Firewall

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

JUNE 29, 2020

” Unfortunately, most organizations often neglect the protection of RDP accesses and workers use easy-to-guess passwords and with no additional layers of authentication or protection. Use an additional layer of authentication ( MFA/2FA ). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Internet Internet Advertising

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Security Affairs

JUNE 19, 2020

The CVE-2020-4529 could allow an authenticated attacker to send unauthorized requests from a system, potentially leading to other attacks, such as network enumeration, “IBM Maximo Asset Management is vulnerable to server side request forgery (SSRF). ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Advertising Authentication Passwords

Cisco addresses ten high-risk issues in NX-OS software

Security Affairs

AUGUST 28, 2020

The same devices are affected by a DoS flaw (CVE-2020-3397) in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the advisory.

Software

Software Risk Advertising Authentication

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

According to Cyberintelligence firm Bad Packets , hackers allegedly exploited the CVE-2019-19781 vulnerability in the Citrix Netscaler ADC VPN gateway exposed by Indiabulls. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Ransomware Banking Advertising

Security Affairs - Untitled Article

Security Affairs

JULY 22, 2019

GlobalProtect products allow organizations to set up a virtual private network (VPN) access, they also implement other security and management features. “ n this article, we would like to talk about the vulnerability on Palo Alto SSL VPN. Palo Alto calls their SSL VPN product line as GlobalProtect. ” Uber replied.

VPN

VPN Advertising Authentication Information Security

Netwalker Ransomware hit Argentina’s official immigration agency

Security Affairs

SEPTEMBER 6, 2020

Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware VPN Advertising Passwords

Sophos fixed a critical vulnerability in Cyberoam firewalls

Security Affairs

OCTOBER 10, 2019

A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. The flaw is similar to the recently disclosed vulnerabilities in Palo Alto Networks, Pulse Secure and Fortinet VPN solutions. ” reads the advisory published by Sophos.

Firewall

Firewall VPN Passwords Internet

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

The Zyxel Cloud CNM SecuManager is a comprehensive network management software that provides an integrated console to manage security gateways including the ZyWALL USG and VPN Series. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Accountability

Accountability Advertising Software Passwords

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

In order to discover potential targets and locate the information it needs to authenticate against, the script passively collects data from /.ssh/config,bash_history, Experts also recommend to access admin endpoints only through firewall or VPN gateway. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Malware Advertising VPN

How to Protect Against COVID-19 Email Scams

Security Affairs

APRIL 21, 2020

Authentic emails from verified sources would not require this. Persuasion for Instant Action: Males from authentic sources would not create a necessary sense of urgency and would usually not probe one to take drastic actions. Use a VPN: You should use a cheap VPN to deceive hackers as they will not be able to trace your email address.

Scams

Scams Phishing Artificial Intelligence VPN

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Security Affairs

SEPTEMBER 10, 2020

Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware VPN Data breaches Advertising

Op Wocao – China-linked APT20 was able to bypass 2FA

Security Affairs

DECEMBER 23, 2019

China-linked cyber espionage group APT20 has been bypassing two-factor authentication (2FA) in recent attacks, cyber-security firm Fox-IT warns. Attackers use stolen VPN credentials to securely connect the target network. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Hacking Software Advertising

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs

OCTOBER 1, 2020

Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware Advertising Engineering VPN

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

The emails are designed in a way that it appears to be authentic or belonging from a real business or authoritative source. These emails appear to be coming from some authentic source like from your bank or some legit business organization. You can further secure your connection by using a VPN. Use Two Factor Authentication.

Phishing

Phishing Accountability Authentication Passwords

Modernizing Secure Remote Access for a Hybrid Workforce

Duo's Security Blog

MARCH 25, 2022

Problem: The Traditional VPN Is No Longer Enough Since the 1990s, virtual private networks (VPNs) have been well-suited for the purpose they were built for – to grant employees temporary access to corporate networks and resources when they weren't logging in from an office.

VPN

VPN Architecture Authentication Software

Hacker deleted all data from VFEmail Servers, including backups

Security Affairs

FEBRUARY 13, 2019

The hacker destroyed all virtual machines even if the company pointed out that they did not share the same authentication. Of course the attacker could have been using a VPN to hide its real origin., Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Just attack and destroy,” VFEmail said.

Backups

Backups Advertising VPN Cyber Attacks

BusKill, a $20 USB Dead Man’s Switch for Linux Laptop

Security Affairs

JANUARY 4, 2020

. “We do what we can to increase our OpSec when using our laptop in public-such as using a good VPN provider, 2FA, and password database auto-fill to prevent network or shoulder-based eavesdropping,” says Altfield. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising VPN Engineering Passwords

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

SonicWall also provides recommendations to customers that can’t update their installs, the vendor suggests disconnecting devices immediately and reset their access passwords, and enable account multi-factor authentication, if supported. The affected end-of-life devices with 8.x x firmware are past temporary mitigations. 34 or 9.0.0.10

Firmware

Firmware Ransomware Passwords Mobile

Security Affairs newsletter Round 243

Security Affairs

DECEMBER 8, 2019

A flaw in Microsoft OAuth authentication could lead Azure account takeover. CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems. OpenBSD addresses authentication bypass, privilege escalation issues. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising DDOS VPN Authentication

Rockwell Automation fixes multiple DoS flaws in Stratix Switch introduced by Cisco Software

Security Affairs

APRIL 7, 2019

Remote and local authentication attackers could exploit the flaws to trigger a DoS condition by sending specially crafted packets to vulnerable devices. The company recommends avoiding using any IPsec VPN connections as a temporary mitigation. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Software

Software Advertising VPN Authentication

FBI warns of Iran-linked hackers attempting to exploit F5 BIG-IP flaw

Security Affairs

AUGUST 8, 2020

The same threat actors were behind multiple attacks targeting unpatched VPN devices since August 2019, such as Pulse Secure VPN servers and Citrix ADC/Gateway. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Advertising Malware Cyber Attacks

Cisco fixes 32 security vulnerabilities in its products, including three critical flaws

Security Affairs

SEPTEMBER 6, 2018

The “critical” flaw CVE-2018-0435 affects Cisco Umbrella API, a remote authenticated attacker could leverage the vulnerability to read or modify data across multiple organizations. “The vulnerability is due to insufficient authentication configurations for the API interface of Cisco Umbrella. . Pierluigi Paganini.

Wireless

Wireless VPN Firewall Authentication

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Trending Sources

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

VPN apps insecurely store session cookies in memory and log files

The strengths and weaknesses of different VPN protocols

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Ukraine Nabs Suspect in 773M Password ?Megabreach?

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Cisco fixes 5 critical flaws that could allow router firewall takeover

Experian, You Have Some Explaining to Do

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Palo Alto Networks addresses tens of serious issues in PAN-OS

FBI issued a flash alert about Netwalker ransomware attacks

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

RDP brute-force attacks rocketed since beginning of COVID-19

Netwalker ransomware operators claim to have stolen data from Forsee Power

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Flaws in leading industrial remote access systems allow disruption of operations

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Cisco addresses ten high-risk issues in NX-OS software

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs - Untitled Article

Netwalker Ransomware hit Argentina’s official immigration agency

Sophos fixed a critical vulnerability in Cyberoam firewalls

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

How to Protect Against COVID-19 Email Scams

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Op Wocao – China-linked APT20 was able to bypass 2FA

Netwalker ransomware operators leaked files stolen from K-Electric

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

5 Common Phishing Attacks and How to Avoid Them?

Modernizing Secure Remote Access for a Hybrid Workforce

Hacker deleted all data from VFEmail Servers, including backups

BusKill, a $20 USB Dead Man’s Switch for Linux Laptop

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs newsletter Round 243

Rockwell Automation fixes multiple DoS flaws in Stratix Switch introduced by Cisco Software

FBI warns of Iran-linked hackers attempting to exploit F5 BIG-IP flaw

Cisco fixes 32 security vulnerabilities in its products, including three critical flaws

Stay Connected