Security Affairs

MARCH 22, 2021

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. In H2 2020, 39.3%

Engineering 141

Engineering VPN Accountability Software 141

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN 130

VPN Ransomware Antivirus Firmware 130

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. The vulnerability is a buffer overflow issue in Pulse Connect Secure Collaboration Suite prior b9.1R11.4 A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 135

VPN Government Authentication Cybersecurity 135

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware 141

Ransomware VPN Education Hacking 141

Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. ” Kaspersky spotted the activity of the group by investigating two weaponized documents that were uploaded to VirusTotal in July 2020 and March 2021. .

VPN 140

VPN Internet Internet Software 140

Security Affairs

NOVEMBER 11, 2021

Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. Below is the timeline for this vulnerability: 2020-10-26: Randori began initial research on GlobalProtect. 2020-11-19: Randori discovered the buffer overflow vulnerability. Randori said. Pierluigi Paganini.

VPN 127

VPN Firewall Internet Internet 127

Security Affairs

AUGUST 6, 2021

Security firm Ivanti addressed a critical vulnerability in its Pulse Connect Secure VPN appliances that could be exploited to execute arbitrary code with root privileges. IT firm Ivanti released security updates to address multiple vulnerabilities in its Pulse Connect Secure VPN appliances.

VPN 112

VPN Authentication Hacking Information Security 112

Security Affairs

JANUARY 6, 2021

Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account.

Firmware 125

Firmware Passwords Accountability VPN 125

Security Affairs

JANUARY 10, 2020

The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The CVE-2019-11510 flaw in Pulse Connect Secure is a critical arbitrary file read vulnerability. SecurityAffairs – Pulse Secure VPN , hacking). Pierluigi Paganini.

VPN 98

VPN InfoSec Advertising Cybersecurity 98

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 352

Cybercrime VPN Malware Ransomware 352

Daniel Miessler

SEPTEMBER 27, 2020

Example 2: Using a VPN. A lot of people are confused about VPNs. They think it’s giving them security that it isn’t because they haven’t properly understood the tech and haven’t considered the attack scenarios. If you log in at the end website you’ve identified yourself to them, regardless of VPN.

VPN 326

VPN Risk Hacking Encryption 326

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co.,

Firewall 75

Firewall Hacking Malware Passwords 75

Security Affairs

JANUARY 23, 2021

The company was targeted with a coordinated attack on its internal systems, threat actors exploited zero-day vulnerabilities in their VPN solutions, such as NetExtender VPN client version 10.x x and Secure Mobile Access ( SMA ). Below the list of affected products shared by THN: NetExtender VPN client version 10.x

VPN 144

VPN Firewall Mobile Hacking 144

Security Affairs

NOVEMBER 2, 2024

Between 2020 and 2022, attackers launched multiple campaigns to exploit zero-day vulnerabilities in publicly accessible network appliances, focusing on WAN-facing services. Attackers maintained persistence through VPN credentials, Active Directory DCSYNC access, and firmware-hooking methods to survive updates.

Firmware 120

Firmware Government Firewall Malware 120

Security Affairs

JULY 28, 2021

A joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S.

VPN 142

VPN Cybersecurity Hacking Technology 142

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. reads the alert.

Ransomware 87

Ransomware VPN Cybercrime Advertising 87

Krebs on Security

APRIL 20, 2023

Mandiant found the earliest evidence of compromise uncovered within 3CX’s network was through the VPN using the employee’s corporate credentials, two days after the employee’s personal computer was compromised. Microsoft Corp.

Malware 330

Malware Software Technology Accountability 330

Security Affairs

JUNE 19, 2021

North Korea-linked APT group Kimsuky allegedly breached South Korea’s atomic research agency KAERI by exploiting a VPN vulnerability. A KAERI spokesperson revealed that threat actors exploited a vulnerability in a virtual private network (VPN) server to gain access to the network of the institute. ” reported The Record.

Hacking 145

Hacking VPN Internet Internet 145

Security Affairs

JULY 22, 2020

Immediately after the first attacks, security experts started searching for vulnerable databases exposed online. One of the recent Meow attacks targeted the Hong Kong-based VPN provider UFO VPN , hackers targeted its Elasticsearch database. Recently vpnMentor experts reported that seven Virtual Private Network (VPN) left 1.2

VPN 126

VPN Advertising Hacking Information Security 126

Krebs on Security

MAY 22, 2023

pw has been registered and abandoned by several parties since 2014, but the most recent registration data available through DomainTools.com shows it was registered in March 2020 to someone in Krasnodar, Russia with the email address edgard011012@gmail.com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 303

Scams DDOS Cryptocurrency Accountability 303

Security Affairs

MARCH 5, 2025

Silk Typhoon targets multiple sectors worldwide, including information technology (IT) services and infrastructure, remote monitoring and management (RMM) companies, managed service providers (MSPs) and affiliates, healthcare, legal services, higher education, defense, government, non-governmental organizations (NGOs), and energy.

Energy and Utilities 62

Energy and Utilities Passwords VPN Healthcare 62

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike. ” continues the report.

Hacking 129

Hacking VPN Advertising Government 129

Security Affairs

MAY 8, 2020

Ruhr University Bochum (RUB) shuts down a large portion of its central IT infrastructure between May 6 and May 7, 2020. on Thursday, May 7, 2020. . on Thursday, May 7, 2020. e-mail, VPN tunnel, “Serviceportal”). ^sk sk — Ruhr-Universität Bochum (@ruhrunibochum) May 7, 2020.

Cyber Attacks 137

Cyber Attacks VPN Advertising Hacking 137

Security Affairs

JULY 16, 2020

The Cisco Product Security Incident Response Team (PSIRT) confirmed that it is not aware of any public announcements or malicious use of the above vulnerabilities. The tech giant confirmed that there are no workarounds that fix these vulnerabilities.

Firewall 131

Firewall Small Business Wireless Advertising 131

Security Affairs

DECEMBER 6, 2020

Kopter Group is Switzerland-based company that was founded in 2007 that was acquired by Leonardo in April 2020. LockBit ransomware operators told ZDNet that they have accessed the network of the helicopter maker via a VPN appliance that was poorly protected. ” reported ZDNet.

Ransomware 134

Ransomware VPN Encryption Passwords 134

Duo's Security Blog

DECEMBER 21, 2020

I think we can all agree that 2020 was anything but a typical year (and a poster child for Murphy’s law "anything that can go wrong, will go wrong.") There is no shortage of articles about the very bad things that all of us in the information security industry are acutely aware of. But we are resilient.

Cybersecurity 68

Cybersecurity Passwords VPN Authentication 68

Security Affairs

OCTOBER 1, 2020

The experts found six vulnerabilities in B&R Automation’s SiteManager and GateManager ( CVE-2020-11641 , CVE-2020-11642 , CVE-2020-11643 , CVE-2020-11644 , CVE-2020-11645 , CVE-2020-11646 ) that could potentially disrupt operations. ” reads the advisory published by the company.

Advertising 135

Advertising Authentication VPN Firewall 135

Security Affairs

SEPTEMBER 8, 2021

Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six virtual private networks (VPNs), Hola!VPN, VPN, ExpressVPN, KeepSolid VPN Unlimited, Nord VPN, Speedify VPN, and IPVanish VPN. ” reads the announcement published by Roskomnadzor.

VPN 105

VPN Internet Internet Mobile 105

Security Affairs

APRIL 28, 2020

Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. After reviewing the attack logs of the Denial of Service, Qurium could quickly determine that the attacker was using Fineproxy VPN service to build a botnet to flood the website.

DDOS 137

DDOS Media VPN Advertising 137

Security Affairs

JULY 20, 2020

REvil #Sodinokibi #Ransomware pic.twitter.com/BZtLhw8V1D — Germán Fernández (@1ZRR4H) July 19, 2020. Immediately after the attack was detected by the internal IT staff, the company warned its employees of not connecting its internal VPN network and avoiding opening emails with suspicious archive attachments.

Ransomware 145

Ransomware VPN Advertising Internet 145

Security Affairs

SEPTEMBER 15, 2020

. “CISA has observed these—and other threat actors with varying degrees of skill—routinely using open-source information to plan and execute cyber operations.” 7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances.

Government 105

Government VPN Firmware Energy and Utilities 105

Security Affairs

MARCH 24, 2021

Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents.

Ransomware 145

Ransomware Encryption VPN Malware 145

Security Affairs

MAY 17, 2020

Experts from security firm Bad Packets reported that Elexon had been running an outdated version of Pulse Secure VPN server, if confirmed threat actors could have exploited it to access the internal network. NSA also warned of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws.

Cyber Attacks 107

Cyber Attacks VPN Advertising Cyber threats 107

Security Affairs

AUGUST 28, 2020

Cisco this week released security patches to address ten high-risk vulnerabilities in NX-OS software, including some flaws that could lead to code execution and privilege escalation. The first issue, tracked as CVE-2020-3517, is a DoS issue that resides in the Fabric Services component. ” reads the advisory published by Cisco.

Software 139

Software Risk Advertising Authentication 139

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020.

Ransomware 145

Ransomware Encryption VPN Backups 145

Security Affairs

MAY 15, 2020

Palo Alto Networks has issued security updates to address tens of vulnerabilities in PAN-OS, the software that runs on the company’s next-generation firewalls. One of the most severe vulnerabilities, tracked as CVE-2020-2018 , is an authentication bypass vulnerability in the Panorama context switching feature.

Firewall 136

Firewall Authentication Advertising VPN 136

Security Affairs

MAY 1, 2021

If you must connect your NAS to the internet, we highly recommend using a trusted VPN or a myQNAPcloud link.” Threat actors were exploiting two unauthorized remote command execution vulnerabilities, tracked as CVE-2020-2506 & CVE-2020-2507, in the Helpdesk app that have been fixed by the vendor in October 2020.

Ransomware 144

Ransomware Cryptocurrency Malware Internet 144