Malwarebytes

MARCH 3, 2021

Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. So this is a mess, and a timely reminder of why trust in a VPN provider is so crucial. Past VPN errors.

VPN 145

VPN Passwords Internet Internet 145

Malwarebytes

SEPTEMBER 9, 2021

A threat actor has leaked a list of almost 500,000 Fortinet VPN credentials, stolen from 87,000 vulnerable FortiGate SSL-VPN devices. According to Fortinet the credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of the actor’s scan. CVE-2018-13379.

VPN 126

VPN Passwords Ransomware Internet 126

Security Affairs

OCTOBER 9, 2019

NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws. Last week, the UK’s National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild.

VPN 109

VPN Advertising Accountability Healthcare 109

Security Affairs

NOVEMBER 27, 2020

The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. Affected Products FortiOS 6.0 – 6.0.0

VPN 145

VPN Banking Passwords Malware 145

Security Affairs

OCTOBER 6, 2019

The UK’s National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to breach into the target networks. ” reads the alert issued by the NCSC.

VPN 111

VPN Advertising Healthcare Data breaches 111

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. CISA and FBI have observed attacks carried out by APT actors that combined two the CVE-2018-13379 and CVE-2020-1472 flaws. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

VPN 145

VPN Government Authentication Advertising 145

Security Affairs

MAY 27, 2021

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

VPN 134

VPN Government Hacking Accountability 134

Security Affairs

FEBRUARY 16, 2020

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world. Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. SecurityAffairs – Fox Kitten campaign, VPN ). Pierluigi Paganini.

VPN 145

VPN Advertising Telecommunications Hacking 145

eSecurity Planet

SEPTEMBER 9, 2021

The network security vendor said the credentials were stolen from systems that remain unpatched against a two-year-old vulnerability – CVE-2018-13379 – or from users who patched that vulnerability but failed to change passwords. to 5.4.12; if the SSL VPN service (web-mode or tunnel-mode) is enabled.

VPN 118

VPN Passwords Authentication Network Security 118

Krebs on Security

NOVEMBER 21, 2024

Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page.

Identity Theft 259

Identity Theft Phishing Cryptocurrency Accountability 259

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN 353

VPN Computers and Electronics Antivirus Software 353

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing 363

Phishing VPN Social Engineering Media 363

Krebs on Security

OCTOBER 17, 2023

In 2018, ARIN sued Golestan and Micfo, alleging they had obtained hundreds of thousands of IP addresses under false pretenses. But in a 2020 interview with KrebsOnSecurity, Golestan claimed that Micfo was at one point responsible for brokering roughly 40 percent of the IP addresses used by the world’s largest VPN providers.

Internet 348

Internet Internet VPN Marketing 348

SC Magazine

APRIL 8, 2021

Kaspersky reported how recent attacks against a series of European industrial networks were accomplished at a vulnerability in Fortinet’s FortiGate VPN. Kaspersky is the first to report how those attacks were accomplished: a vulnerability in Fortinet’s FortiGate VPN. Alexxsun / CC BY-SA 4.0 ).

VPN 101

VPN Ransomware Encryption Media 101

Krebs on Security

JULY 8, 2019

In the 15-month span of the GandCrab affiliate enterprise beginning in January 2018 , its curators shipped five major revisions to the code, each corresponding with sneaky new features and bug fixes aimed at thwarting the efforts of computer security firms to stymie the spread of the malware. Vpn-service[.]us

Ransomware 278

Ransomware Accountability Cybercrime Passwords 278

Security Affairs

AUGUST 25, 2019

BadPackets experts observed on August 22 a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. reads the advisory.

VPN 111

VPN Advertising Hacking Government 111

Security Affairs

NOVEMBER 2, 2024

Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access. The first documented attack against a Sophos facility is the one that targeted Cyberoam in 2018.

Firmware 120

Firmware Government Firewall Malware 120

Security Affairs

NOVEMBER 22, 2020

A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs. A threat actor, who goes online with the moniker “pumpedkicks,” has leaked online a list of exploits that could be exploited to steal VPN credentials from almost 50,000 Fortinet VPN devices.

VPN 144

VPN Banking Government Hacking 144

Schneier on Security

OCTOBER 23, 2019

The revelations came as evidence surfaced suggesting that two rival VPN services, TorGuard and VikingVPN, also experienced breaches that leaked encryption keys. Monday's statement went on to say TorGuard didn't remove the compromised server until early 2018. We don't know exactly what was stolen and how it affects VPN security.

VPN 165

VPN Encryption Internet Internet 165

Security Affairs

JANUARY 10, 2020

The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The flaw can be used in combination with the CVE-2019-11539 remote command injection issue gain access to private VPN networks. SecurityAffairs – Pulse Secure VPN , hacking).

VPN 98

VPN InfoSec Advertising Cybersecurity 98

Heimadal Security

APRIL 8, 2021

Cybercriminals are actively exploiting the CVE-2018-13379 vulnerability in Fortinet VPNs to deploy a brand new type of ransomware, tracked as Cring ransomware to companies in the industrial sector. The post Unpatched Fortinet VPN Devices Are Attacked by New Cring Ransomware appeared first on Heimdal Security Blog.

VPN 94

VPN Ransomware Telecommunications Cybersecurity 94

Digital Guardian

APRIL 5, 2021

APT groups increasingly targeted CVE-2018-13379, CVE-2020-12812 and CVE-2019-5591 last month.

VPN 108

VPN 108

Security Affairs

DECEMBER 5, 2019

Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel. The experts explained that in this way, it is possible to hijack active connections within the VPN tunnel. ” reads the advisory published by the experts.

VPN 98

VPN Encryption Advertising Authentication 98

Krebs on Security

NOVEMBER 17, 2021

In 2018, the American Registry for Internet Numbers (ARIN), which oversees IP addresses assigned to entities in the U.S., But in a 2020 interview, Golestan told KrebsOnSecurity that Micfo was at one point responsible for brokering roughly 40 percent of the IP addresses used by the world’s largest VPN providers.

Internet 350

Internet Internet VPN Marketing 350

The Last Watchdog

APRIL 26, 2021

As part of this mindset, more consumers are subscribing to a personal VPN service which they use to shield themselves from disinformation sweeps and to protect themselves from Covid 19-related hacks and scams. I’ve since discovered that there’s a heck of a lot going on in the B2C VPN space. percent ten years ago.

B2C 214

B2C VPN Marketing Antivirus 214

Malwarebytes

JUNE 21, 2021

Cybersecurity news hounds The Record report that a spokesperson for the Korea Atomic Energy Research Institute (KAERI) said the intrusion took place last month , on May 14 to be exact, through a vulnerability in a virtual private network (VPN) server. The weapon: a VPN vulnerability. The name of the VPN vendor is being kept secret.

VPN 85

VPN Cyber Attacks Engineering Government 85

Troy Hunt

JANUARY 10, 2018

agarwal_mohit) January 5, 2018. I think the URL is right but it seems inaccessible from other countries: [link] — Troy Hunt (@troyhunt) January 9, 2018. Blocking legitimate users is part of that problem, blocking users wanting to protect their traffic with a VPN is another: This has been there for the past year now.

Hacking 279

Hacking Government Encryption Risk 279

Security Affairs

OCTOBER 22, 2019

NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. . Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. .

VPN 75

VPN Hacking Advertising Passwords 75

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability 164

Accountability VPN Software Antivirus 164

Security Affairs

DECEMBER 19, 2022

CVE-2018-0125 (CVSS score of 9.8) – A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. .

Wireless 144

Wireless VPN Software Hacking 144

Troy Hunt

MARCH 29, 2018

— Dan Blank (@danblank000) March 20, 2018. — Brian Ford (@BrianPFord) March 9, 2018. — Edward Deaver (@EdwardCDeaver) March 10, 2018. link] — Troy Hunt (@troyhunt) February 22, 2018. — Troy Hunt (@troyhunt) February 22, 2018. I even shutdown accounts I no longer wanted / needed.

Password Management 274

Password Management Passwords Data breaches Retail 274

Adam Levin

MAY 19, 2021

In 2018, Experian settled a class-action lawsuit for $22 million. . Use a VPN that you pay for: Having a VPN can make it much harder to steal your data and prevent identity theft. If the VPN is free, chances are good that your information is being sold. . Takeaways .

Risk 218

Risk Identity Theft Data breaches VPN 218

Krebs on Security

FEBRUARY 18, 2019

27, 2018, Cisco’s Talos research division published a write-up outlining the contours of a sophisticated cyber espionage campaign it dubbed “ DNSpionage.” webmail.finance.gov.lb), which allowed them to decrypt the intercepted email and VPN credentials and view them in plain text. The first domain was “ ns0.idm.net.lb

DNS 279

DNS Internet Internet Government 279

Adam Levin

NOVEMBER 15, 2019

News that Virtual Private Network ( VPN ) provider NordVPN was breached spread quickly. While the breach of a major VPN service is newsworthy, this one wasn’t particularly. But one of the watchwords of good cyber hygiene, a VPN, was breached. Who Is Using VPNs? The incident put NordVPN in the hot seat.

VPN 114

VPN Cybersecurity Firewall Data breaches 114

Security Affairs

AUGUST 23, 2019

Hackers are exploiting recently disclosed flaws in enterprise virtual private network (VPN) products from Fortinet and Pulse Secure. The popular cybersecurity expert Kevin Beaumont has observed threat actors attempting to exploit the CVE-2018-13379 in the FortiOS SSL VPN web portal and CVE-2019-11510 flaw in Pulse Connect Secure.

VPN 112

VPN Advertising Firewall Hacking 112

Security Affairs

SEPTEMBER 8, 2021

The threat actor leaked a list containing approximately 500,000 Fortinet VPN credentials that can allow threat actors to breach the networks of the organizations that use the compromised VPN appliances and perform malicious activities such as dropping a ransomware or stealing sensitive data.

VPN 110

VPN Ransomware Hacking Accountability 110

Krebs on Security

JANUARY 10, 2020

In July 2018, KrebsOnSecurity published the story Neo-Nazi Swatters Target Dozens of Journalists , which detailed the activities of a loose-knit group of individuals who had targeted hundreds of individuals for swatting attacks, including federal judges, corporate executives and almost three-dozen journalists (myself included).

Computers and Electronics 234

Computers and Electronics Internet Internet VPN 234