Accountability and VPN - Cyber Security Informer

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN

VPN Authentication Ransomware Risk

US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services

Adam Levin

DECEMBER 23, 2020

Law enforcement agencies from the United States and Europe seized domain names and servers belonging to a virtual private network (VPN) provider long linked to online cybercrime. Visitors to the three domain names operated by the VPN provides, Insorg.org, Safe-inet.com, and Safe-inet.net are now directed to pages announcing the seizure.

VPN

VPN Cybercrime Phishing Ransomware

News alert: Case dismissed against VPN executive, affirms no-logs policy as a valid legal defense

The Last Watchdog

APRIL 28, 2025

28, 2025, CyberNewswire — Windscribe , a globally used privacy-first VPN service, announced today that its founder, Yegor Sak, has been fully acquitted by a court in Athens, Greece, following a two-year legal battle in which Sak was personally charged in connection with an alleged internet offence by an unknown user of the service.

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Backdoor in Zyxel Firewalls and Gateways

Schneier on Security

JANUARY 6, 2021

This is bad : More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. […].

Firewall

Firewall VPN Passwords Accountability

Attackers exploited SonicWall SMA appliances since January 2025

Security Affairs

APRIL 19, 2025

Arctic Wolf has uncovered an active campaign, running from January to April 2025, targeting SonicWall SMA 100 series appliances to steal VPN credentials. Threat actors were spotted exploiting the default super admin account (admin@LocalDomain), which often still uses the weak default password password.

Passwords

Passwords VPN Firewall Accountability

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords. It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection.

VPN

VPN Passwords Software Telecommunications

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. The prices page for 911 S5, circa July 2022. $28

VPN

VPN Government Cybercrime Internet

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

The botnet operators are targeting multiple SOHO devices and VPN appliances, including TP-LINK, Zyxel, Asus, D-Link, and Netgear, exploiting both known and previously unknown vulnerabilities. The operators maintain the botnet to launch distributed brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts.

Passwords

Passwords Wireless VPN Accountability

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software.

Backups

Backups VPN Ransomware Authentication

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. . 2019 that wasn’t discovered until April 2020.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing

Phishing VPN Social Engineering Media

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN

VPN Computers and Electronics Antivirus Software

Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs

Troy Hunt

FEBRUARY 25, 2025

It's those credentials that are then sold in the stealer logs and later used to access the victim's accounts, which is the second exploitation. Another path had "ve", so it was off to Caracas and the Venezuelan victim's account was confirmed. You get the idea.

Passwords

Passwords Accountability VPN Malware

Check Point released hotfix for actively exploited VPN zero-day

Security Affairs

MAY 29, 2024

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919 , which is actively being exploited in attacks in the wild.

VPN

VPN Passwords Authentication Accountability

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Security Affairs

JANUARY 14, 2025

Threat actors gained unauthorized access to network devices, created accounts, and modified configurations. The campaign likely began in November 2024, the campaign unfolded in four phases: vulnerability scanning (Nov 1623, 2024), reconnaissance (Nov 2227), SSL VPN setup (Dec 47), and lateral movement (Dec 1627).

Firewall

Firewall VPN Accountability Firmware

Google Chrome AI extensions deliver info-stealing malware in broad attack

Malwarebytes

JANUARY 9, 2025

Analyzed by researchers at Extension Total, the cybercriminal campaign has managed to take over the accounts of at least 36 Google Chrome extensions that provide AI and VPN services. million people.

Malware

Malware Small Business Artificial Intelligence VPN

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Krebs on Security

AUGUST 21, 2020

The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic. authenticate the phone call before sensitive information can be discussed.

VPN

VPN Social Engineering Authentication Engineering

12 Online Resolutions for 2021

Adam Levin

DECEMBER 16, 2020

Don’t re-use passwords: Yes, keeping track of passwords for all of your accounts can be a chore, but using the same password means that one breached account can be used to others that use the same user credentials. Do your homework and find a VPN service with a solid reputation for their privacy, security, and data retention policies.

VPN

VPN Antivirus Passwords Backups

Work-from-Home Security Advice

Schneier on Security

MARCH 19, 2020

If the organization is lucky, they will have already set up a VPN for remote access. Handing people VPN software to install and use with zero training is a recipe for security mistakes, but not using a VPN is even worse. Three, employees are more likely to access their organizational networks insecurely.

VPN

VPN Network Security Accountability Hacking

VPN to protect against DDoS attacks on Twitch

IT Security Guru

JANUARY 3, 2024

A reliable VPN provider always maintains a DDoS-protected server. In this article, we will continue to explore how a VPN can fortify your Twitch stream. The role of VPN in protection against DDoS attacks Attackers first locate the target to initiate a denial-of-service attack. Use different forms of VPN.

DDOS

DDOS VPN Internet Internet

Cisco warns of large-scale brute-force attacks against VPN and SSH services

Security Affairs

APRIL 16, 2024

Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN

VPN Firewall Authentication Hacking

U.S. State Government Network Breached via Former Employee's Account

The Hacker News

FEBRUARY 15, 2024

Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee.

Government

Government Accountability VPN Authentication

Facebook warns of 400 malicious apps that tried to steal your account credentials

Tech Republic Security

OCTOBER 11, 2022

Previously available on Apple’s App Store and Google Play, the phony apps impersonated photo editors, games, VPN services and utilities to trick users into sharing their Facebook credentials. The post Facebook warns of 400 malicious apps that tried to steal your account credentials appeared first on TechRepublic.

Accountability

Accountability VPN Mobile Malware

Bad Consumer Security Advice

Schneier on Security

DECEMBER 4, 2018

There are lots of articles about there telling people how to better secure their computers and online accounts. To remain anonymous and secure on the Internet, invest in a Virtual Private Network account, but remember, the bad guys are very smart, so by the time this column runs, they may have figured out a way to hack into a VPN.

Accountability

Accountability Passwords VPN Mobile

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. Use a password manager : Simplifies managing strong, unique passwords across accounts. Monitor financial accounts : Check bank statements and report any suspicious transactions promptly.

Identity Theft

Identity Theft Passwords Malware Banking

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

The Last Watchdog

JULY 11, 2022

It is astounding that billions of online accounts have been breached over the past 18 years and that US consumer accounts are by far the most compromised. Related: VPNs vs ZTNA. It’s in findings of a deep dive data analytics study led by Surfshark , a supplier of VPN services aimed at the consumer and SMB markets.

VPN

VPN Data breaches Internet Internet

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Krebs on Security

MAY 28, 2024

911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.

VPN

VPN Banking Cybercrime Internet

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN

VPN Firewall Accountability Cybersecurity

Check Point Warns of Hackers Targeting Its Remote Access VPN

SecureWorld News

MAY 28, 2024

Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company has warned in a new advisory. In light of these events, we have been monitoring attempts to gain unauthorized access to VPNs of Check Point's customers.

VPN

VPN Passwords Authentication Architecture

Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”

Krebs on Security

DECEMBER 2, 2021

NYSE:UI] disclosed that a breach at a third party cloud provider had exposed customer account credentials. 28, other Ubiquiti employees spotted the unusual downloads, which had leveraged internal company credentials and a Surfshark VPN connection to hide the downloader’s true Internet address.

VPN

VPN Internet Internet Accountability

Cybersecurity During COVID-19

Schneier on Security

APRIL 7, 2020

If the organization is lucky, they will have already set up a VPN for remote access. Handing people VPN software to install and use with zero training is a recipe for security mistakes, but not using a VPN is even worse. Three, employees are more likely to access their organizational networks insecurely.

Cybersecurity

Cybersecurity VPN Scams Phishing

NailaoLocker ransomware targets EU healthcare-related entities

Security Affairs

FEBRUARY 20, 2025

The Orange Cyberdefense CERT investigated four attackers with a similar initial access vector consisting of thecompromise of a Check Point VPN appliance. The experts believe threat actors exploited the zero-dayCVE-2024-24919 in Check Point Security Gateways with Remote Access VPN or Mobile Access features.

Healthcare

Healthcare Ransomware VPN Malware

Zyxel firewalls targeted in recent ransomware attacks

Security Affairs

NOVEMBER 25, 2024

“A command injection vulnerability in the IPSec VPN feature of some firewall versions could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device.” for ATP, USG FLEX, and USG FLEX 50(W)/USG20(W)-VPN series. .”

Firewall

Firewall Ransomware VPN Firmware

Barnes & Noble Experiences Major Data Breach

Adam Levin

OCTOBER 16, 2020

While Barnes & Noble has yet to provide details of the nature of the cyberattack, a security researcher pointed out that the company’s VPN servers had not been patched against a critical vulnerability. The post Barnes & Noble Experiences Major Data Breach appeared first on Adam Levin.

Data breaches

Data breaches VPN Passwords Accountability

How to enhance the security of your social media accounts

Pen Test Partners

AUGUST 29, 2024

Secure networks : Avoid using untrusted public Wi-Fi to access social media accounts, instead, use mobile data. If you have to use a trusted VPN then use that, but be aware a VPN doesn’t make your connection secure it just moves the threat to the VPN provider. Multi-Factor authentication (MFA). Why do I need it?

Media

Media Accountability Password Management Passwords

How to secure your Twitter Account from Hacking

Hacker's King

JANUARY 1, 2025

You may also like to read: Instagram Hacked: Top 5 Ways to Protect Your Account Ways to Secure Your Twitter Account Set a Strong Password - Setting a strong password is the very first step to secure your Twitter account. It enables us to make our accounts more secure. Be cautious with public Wi-Fi.

Accountability

Accountability Hacking Passwords Scams

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Through forensic analysis of the memory sample, Volexity was able to recreate two proof-of-concept exploits that allowed full unauthenticated command execution on the ICS VPN appliance.

VPN

VPN Authentication Small Business Telecommunications

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

The Last Watchdog

MARCH 6, 2021

It is essential to ensure that all accounts are protected with strong passwords. To this day, a significant amount of people still use the password across multiple accounts, which makes it much simpler for a cybercriminal to compromise a password and take over accounts.

VPN

VPN Passwords Firewall Risk

Weekly Update 233

Troy Hunt

MARCH 5, 2021

Not just data breaches, but noteworthy data breaches; the VPN ones for being pretty shady, Oxfam because it included my data which was posted to a hacking forum, Ticketcounter because of the interactions I had with them during the disclosure process and Gab because, well, everything about Gab is always weird.

Data breaches

Data breaches VPN Hacking Passwords

GUEST ESSAY: Data breaches across the globe slowed significantly in Q4 2021 versus Q1-Q3

The Last Watchdog

JANUARY 18, 2022

Breached accounts were analyzed according to the country’s origin, and the actual time the breach was recorded. Q4 has seen an 81 percent drop in exposed accounts (44.2 The US topped the charts in exposed accounts this quarter with two out of 100 American internet users affected. million) compared to Q3 (235.6 million). •Q1

Data breaches

Data breaches VPN Internet Internet

Deepfake and smishing. How hackers compromised the accounts of 27 Retool customers in the crypto industry

Security Affairs

SEPTEMBER 18, 2023

Software development company Retool was the victim of a smishing attack that resulted in the compromise of 27 accounts of its cloud customers. Software development company Retool revealed that 27 accounts of its cloud customers were compromised as a result of an SMS-based social engineering attack. ” continues the company.

Accountability

Accountability Social Engineering Authentication VPN

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

This includes pivoting from or converting a single compromised Microsoft Windows user account to an administrator account with greater privileges on the target network; the ability to sidestep and/or disable any security software; and gaining the access needed to disrupt or corrupt any data backup systems the victim firm may have.

Cybercrime

Cybercrime Malware VPN Ransomware

VPN No More: Xbox Targets Gamers Buying Games from Cheaper Regions

Penetration Testing

MARCH 11, 2025

Technology companies typically employ differentiated pricing strategies across various markets, taking into account factors such as purchasing power The post VPN No More: Xbox Targets Gamers Buying Games from Cheaper Regions appeared first on Cybersecurity News.

VPN

VPN Marketing Technology Accountability

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services

Webinars

Trending Sources

News alert: Case dismissed against VPN executive, affirms no-logs policy as a valid legal defense

Webinars

Backdoor in Zyxel Firewalls and Gateways

Attackers exploited SonicWall SMA appliances since January 2025

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Hackers Were Inside Citrix for Five Months

Is Your Computer Part of ‘The Largest Botnet Ever?’

Chinese threat actors use Quad7 botnet in password-spray attacks

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Voice Phishers Targeting Corporate VPNs

A Deep Dive Into the Residential Proxy Service ‘911’

Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs

Check Point released hotfix for actively exploited VPN zero-day

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Google Chrome AI extensions deliver info-stealing malware in broad attack

FBI, CISA Echo Warnings on ‘Vishing’ Threat

12 Online Resolutions for 2021

Work-from-Home Security Advice

VPN to protect against DDoS attacks on Twitch

Cisco warns of large-scale brute-force attacks against VPN and SSH services

U.S. State Government Network Breached via Former Employee's Account

Facebook warns of 400 malicious apps that tried to steal your account credentials

Bad Consumer Security Advice

International law enforcement operation dismantled RedLine and Meta infostealers

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Check Point Warns of Hackers Targeting Its Remote Access VPN

Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”

Cybersecurity During COVID-19

NailaoLocker ransomware targets EU healthcare-related entities

Zyxel firewalls targeted in recent ransomware attacks

Barnes & Noble Experiences Major Data Breach

How to enhance the security of your social media accounts

How to secure your Twitter Account from Hacking

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

Weekly Update 233

GUEST ESSAY: Data breaches across the globe slowed significantly in Q4 2021 versus Q1-Q3

Deepfake and smishing. How hackers compromised the accounts of 27 Retool customers in the crypto industry

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

VPN No More: Xbox Targets Gamers Buying Games from Cheaper Regions

Stay Connected