Security Affairs

DECEMBER 12, 2019

” The GALLIUM threat actor is active, but its activity was more intense between 2018 and mid-2019. The operators leverage on low cost and easy to replace infrastructure using dynamic-DNS domains and regularly reused hop points. GALLIUM is one of many ActivityGroups we see targeting telcos through SE Asia + Europe + Africa.

Telecommunications 97

Telecommunications DNS Malware Advertising 97

Security Affairs

APRIL 14, 2019

DNS hijacking campaigns target Gmail, Netflix, and PayPal users. Gulf countries came under hackers spotlight in 2018, with more than 130 000 payment cards compromised. VPN apps insecurely store session cookies in memory and log files. A new round of the weekly SecurityAffairs newsletter arrived! Kindle Edition. Paper Copy.

Data breaches 87

Data breaches Advertising DNS Surveillance 87

eSecurity Planet

MAY 28, 2021

Recent UEFI attacks include a 2015 attack on a Ukrainian power grid and a 2018 attack where threat actors used a UEFI rootkit to drop additional malware in an extended episode. Whether it’s a VPN , firewall , or remote access server, unauthorized entry via network gateways is a problem. Also Read: How to Prevent DNS Attacks.

Software 119

Software DNS Firmware VPN 119

Security Affairs

JANUARY 25, 2019

The remote destination address 185.244.30.93, belonging to “Stajazk VPN” services, hosts the control server reachable on port tcp/9888. The usage of the VPN service hides the real location of the attacker, however, the specific IP isn’t new to the threat intel community, it has been abused since october 2018.

Malware 108

Malware VPN Advertising InfoSec 108

eSecurity Planet

MAY 19, 2022

Already a leading SD-WAN pick, the HPE subsidiary boosted its market position with acquisitions of security vendor Cape Networks in 2018 and WAN specialist Silver Peak Systems in 2020. Launched in 2002 and specializing in wireless networking , Aruba Networks’ success led to its acquisition by Hewlett-Packard in 2015.

Firewall 120

Firewall Architecture Encryption Network Security 120

Fox IT

JANUARY 12, 2021

After obtaining a valid account, they use this account to access the victim’s VPN, Citrix or another remote service that allows access to the network of the victim. This specific document described how to access the internet facing company portal and the web-based VPN client into the company network.

VPN 68

VPN Accountability Passwords DNS 68

eSecurity Planet

JUNE 8, 2023

It can be time consuming to establish these protocols on an organization’s DNS servers, but doing so will provide two key benefits. Email security tools offer features that screen emails for malicious content using antivirus, anti-spam, DNS, attachment, and other analytics.

Firewall 80

Firewall DNS Authentication Malware 80

SecureList

APRIL 27, 2021

The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). The group’s operations were exposed in 2018, showing that it was conducting surveillance attacks against individuals in the Middle East.

Malware 145

Malware Government Spyware Social Engineering 145

Troy Hunt

SEPTEMBER 17, 2020

I also started giving more thought to privacy and how it's constantly eroded in little bites, a thought process that highlighted just how far we still have to go as an industry, and where the value proposition of a VPN was strongest. Here's the value proposition of a VPN in the modern era: 1. So what about DNS over HTTPS, or DoH ?

VPN 363

VPN Phishing DNS Encryption 363

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 145

Malware Government Surveillance Spyware 145

SecureList

NOVEMBER 18, 2022

Finally, it is worth mentioning the CVE-2022-34724 vulnerability, which affects Windows DNS Server and can lead to denial of service if exploited. July saw the discovery of two campaigns that used a fake VPN application and fake Salesforce updates , both built on the Sliver framework.

Mobile 121

Mobile Malware Ransomware IoT 121