Accountability and VPN - Cyber Security Informer

US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services

Adam Levin

DECEMBER 23, 2020

Law enforcement agencies from the United States and Europe seized domain names and servers belonging to a virtual private network (VPN) provider long linked to online cybercrime. Visitors to the three domain names operated by the VPN provides, Insorg.org, Safe-inet.com, and Safe-inet.net are now directed to pages announcing the seizure.

VPN

VPN Cybercrime Phishing Ransomware

Padlocks, Phishing and Privacy; The Value Proposition of a VPN

Troy Hunt

SEPTEMBER 17, 2020

I also started giving more thought to privacy and how it's constantly eroded in little bites, a thought process that highlighted just how far we still have to go as an industry, and where the value proposition of a VPN was strongest. Here's the value proposition of a VPN in the modern era: 1.

VPN

VPN Phishing DNS Encryption

Backdoor in Zyxel Firewalls and Gateways

Schneier on Security

JANUARY 6, 2021

This is bad : More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. […].

Firewall

Firewall VPN Passwords Accountability

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords. It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection.

VPN

VPN Passwords Software Telecommunications

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

The botnet operators are targeting multiple SOHO devices and VPN appliances, including TP-LINK, Zyxel, Asus, D-Link, and Netgear, exploiting both known and previously unknown vulnerabilities. The operators maintain the botnet to launch distributed brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts.

Passwords

Passwords Wireless VPN Accountability

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. The prices page for 911 S5, circa July 2022. $28

VPN

VPN Government Cybercrime Internet

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software.

Backups

Backups VPN Ransomware Authentication

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. . 2019 that wasn’t discovered until April 2020.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing

Phishing VPN Social Engineering Media

Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs

Troy Hunt

FEBRUARY 25, 2025

It's those credentials that are then sold in the stealer logs and later used to access the victim's accounts, which is the second exploitation. Another path had "ve", so it was off to Caracas and the Venezuelan victim's account was confirmed. You get the idea.

Passwords

Passwords Accountability VPN Malware

Google Chrome AI extensions deliver info-stealing malware in broad attack

Malwarebytes

JANUARY 9, 2025

Analyzed by researchers at Extension Total, the cybercriminal campaign has managed to take over the accounts of at least 36 Google Chrome extensions that provide AI and VPN services. million people.

Malware

Malware Small Business Artificial Intelligence VPN

Cisco warns of large-scale brute-force attacks against VPN and SSH services

Security Affairs

APRIL 16, 2024

Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN

VPN Firewall Authentication Hacking

Check Point released hotfix for actively exploited VPN zero-day

Security Affairs

MAY 29, 2024

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919 , which is actively being exploited in attacks in the wild.

VPN

VPN Passwords Authentication Accountability

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Security Affairs

JANUARY 14, 2025

Threat actors gained unauthorized access to network devices, created accounts, and modified configurations. The campaign likely began in November 2024, the campaign unfolded in four phases: vulnerability scanning (Nov 1623, 2024), reconnaissance (Nov 2227), SSL VPN setup (Dec 47), and lateral movement (Dec 1627).

Firewall

Firewall VPN Accountability Firmware

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Krebs on Security

AUGUST 21, 2020

The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic. authenticate the phone call before sensitive information can be discussed.

VPN

VPN Social Engineering Authentication Engineering

12 Online Resolutions for 2021

Adam Levin

DECEMBER 16, 2020

Don’t re-use passwords: Yes, keeping track of passwords for all of your accounts can be a chore, but using the same password means that one breached account can be used to others that use the same user credentials. Do your homework and find a VPN service with a solid reputation for their privacy, security, and data retention policies.

VPN

VPN Antivirus Passwords Backups

Work-from-Home Security Advice

Schneier on Security

MARCH 19, 2020

If the organization is lucky, they will have already set up a VPN for remote access. Handing people VPN software to install and use with zero training is a recipe for security mistakes, but not using a VPN is even worse. Three, employees are more likely to access their organizational networks insecurely.

VPN

VPN Network Security Accountability Hacking

VPN to protect against DDoS attacks on Twitch

IT Security Guru

JANUARY 3, 2024

A reliable VPN provider always maintains a DDoS-protected server. In this article, we will continue to explore how a VPN can fortify your Twitch stream. The role of VPN in protection against DDoS attacks Attackers first locate the target to initiate a denial-of-service attack. Use different forms of VPN.

DDOS

DDOS VPN Internet Internet

U.S. State Government Network Breached via Former Employee's Account

The Hacker News

FEBRUARY 15, 2024

Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee.

Government

Government Accountability VPN Authentication

Facebook warns of 400 malicious apps that tried to steal your account credentials

Tech Republic Security

OCTOBER 11, 2022

Previously available on Apple’s App Store and Google Play, the phony apps impersonated photo editors, games, VPN services and utilities to trick users into sharing their Facebook credentials. The post Facebook warns of 400 malicious apps that tried to steal your account credentials appeared first on TechRepublic.

Accountability

Accountability VPN Mobile Malware

Bad Consumer Security Advice

Schneier on Security

DECEMBER 4, 2018

There are lots of articles about there telling people how to better secure their computers and online accounts. To remain anonymous and secure on the Internet, invest in a Virtual Private Network account, but remember, the bad guys are very smart, so by the time this column runs, they may have figured out a way to hack into a VPN.

Accountability

Accountability Passwords VPN Mobile

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. Use a password manager : Simplifies managing strong, unique passwords across accounts. Monitor financial accounts : Check bank statements and report any suspicious transactions promptly.

Identity Theft

Identity Theft Passwords Malware Banking

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

The Last Watchdog

JULY 11, 2022

It is astounding that billions of online accounts have been breached over the past 18 years and that US consumer accounts are by far the most compromised. Related: VPNs vs ZTNA. It’s in findings of a deep dive data analytics study led by Surfshark , a supplier of VPN services aimed at the consumer and SMB markets.

VPN

VPN Data breaches Internet Internet

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Krebs on Security

MAY 28, 2024

911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.

VPN

VPN Banking Cybercrime Internet

Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”

Krebs on Security

DECEMBER 2, 2021

NYSE:UI] disclosed that a breach at a third party cloud provider had exposed customer account credentials. 28, other Ubiquiti employees spotted the unusual downloads, which had leveraged internal company credentials and a Surfshark VPN connection to hide the downloader’s true Internet address.

VPN

VPN Internet Internet Accountability

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN

VPN Firewall Accountability Cybersecurity

Check Point Warns of Hackers Targeting Its Remote Access VPN

SecureWorld News

MAY 28, 2024

Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company has warned in a new advisory. In light of these events, we have been monitoring attempts to gain unauthorized access to VPNs of Check Point's customers.

VPN

VPN Passwords Authentication Architecture

Cybersecurity During COVID-19

Schneier on Security

APRIL 7, 2020

If the organization is lucky, they will have already set up a VPN for remote access. Handing people VPN software to install and use with zero training is a recipe for security mistakes, but not using a VPN is even worse. Three, employees are more likely to access their organizational networks insecurely.

Cybersecurity

Cybersecurity VPN Scams Phishing

YouTube creators’ accounts hijacked with cookie-stealing malware

Security Affairs

OCTOBER 20, 2021

a demo for anti-virus software, VPN, music players, photo editing or online games) to hijack the channel of YouTube creators. The researchers identified around 15,000 actor accounts, most of which were created for this campaign. Below are the job descriptions used to recruit the hackers. Pierluigi Paganini.

Accountability

Accountability Malware Phishing Social Engineering

VPN No More: Xbox Targets Gamers Buying Games from Cheaper Regions

Penetration Testing

MARCH 11, 2025

Technology companies typically employ differentiated pricing strategies across various markets, taking into account factors such as purchasing power The post VPN No More: Xbox Targets Gamers Buying Games from Cheaper Regions appeared first on Cybersecurity News.

VPN

VPN Marketing Technology Accountability

Zyxel firewalls targeted in recent ransomware attacks

Security Affairs

NOVEMBER 25, 2024

“A command injection vulnerability in the IPSec VPN feature of some firewall versions could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device.” for ATP, USG FLEX, and USG FLEX 50(W)/USG20(W)-VPN series. .”

Firewall

Firewall Ransomware VPN Firmware

Barnes & Noble Experiences Major Data Breach

Adam Levin

OCTOBER 16, 2020

While Barnes & Noble has yet to provide details of the nature of the cyberattack, a security researcher pointed out that the company’s VPN servers had not been patched against a critical vulnerability. The post Barnes & Noble Experiences Major Data Breach appeared first on Adam Levin.

Data breaches

Data breaches VPN Passwords Accountability

How to enhance the security of your social media accounts

Pen Test Partners

AUGUST 29, 2024

Secure networks : Avoid using untrusted public Wi-Fi to access social media accounts, instead, use mobile data. If you have to use a trusted VPN then use that, but be aware a VPN doesn’t make your connection secure it just moves the threat to the VPN provider. Multi-Factor authentication (MFA). Why do I need it?

Media

Media Accountability Password Management Passwords

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks

Security Affairs

MARCH 14, 2025

Just four days after a proof-of-concept exploit for FortiOS was published on January 27, Forescout observed Mora_001 using it to create at least one local system admin account, demonstrating rapid weaponization of these vulnerabilities. These newly created users were then added to the VPN user group, enabling future logins.”

Firewall

Firewall Ransomware VPN Encryption

News Alert: i2Coalition launches ‘VPN Trust Initiative’ to promote VPN operators’ best practices

The Last Watchdog

SEPTEMBER 26, 2023

26, 2023 — The Internet Infrastructure Coalition (i2Coalition) launched the VPN Trust Initiative (VTI) in 2020 to establish a baseline for how virtual private network (VPN) providers should operate. For more detailed information on each of these principles and how to get the VPN Trust Seal, please visit the VTI website.

VPN

VPN Internet Internet Technology

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Through forensic analysis of the memory sample, Volexity was able to recreate two proof-of-concept exploits that allowed full unauthenticated command execution on the ICS VPN appliance.

VPN

VPN Authentication Small Business Telecommunications

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

The Last Watchdog

MARCH 6, 2021

It is essential to ensure that all accounts are protected with strong passwords. To this day, a significant amount of people still use the password across multiple accounts, which makes it much simpler for a cybercriminal to compromise a password and take over accounts.

VPN

VPN Passwords Firewall Risk

A Closer Look at the LAPSUS$ Data Extortion Group

Krebs on Security

MARCH 23, 2022

Our investigation has found a single account had been compromised, granting limited access. “LAPSUS$ currently does not operate a clearnet or darknet leak site or traditional social media accounts—it operates solely via Telegram and email,” Flashpoint wrote in an analysis of the group. SIM-SWAPPING PAST SECURITY.

Social Engineering

Social Engineering Accountability Mobile Passwords

Attackers impersonate CircleCI platform to compromise GitHub accounts

Security Affairs

SEPTEMBER 25, 2022

For users with TOTP-based two-factor authentication (2FA) enabled, the phishing site also relays any TOTP codes to the threat actor and GitHub in real time, allowing the threat actor to break into accounts protected by TOTP-based 2FA. Accounts protected by hardware security keys are not vulnerable to this attack.”

Accountability

Accountability Phishing Authentication Passwords

The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The service now includes credentials for 441K accounts stolen by the popular info-stealer. Users have also to change passwords for any account accessed through the infected machine.

Accountability

Accountability Malware Data breaches Passwords

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

This includes pivoting from or converting a single compromised Microsoft Windows user account to an administrator account with greater privileges on the target network; the ability to sidestep and/or disable any security software; and gaining the access needed to disrupt or corrupt any data backup systems the victim firm may have.

Cybercrime

Cybercrime Malware VPN Ransomware

Deepfake and smishing. How hackers compromised the accounts of 27 Retool customers in the crypto industry

Security Affairs

SEPTEMBER 18, 2023

Software development company Retool was the victim of a smishing attack that resulted in the compromise of 27 accounts of its cloud customers. Software development company Retool revealed that 27 accounts of its cloud customers were compromised as a result of an SMS-based social engineering attack. ” continues the company.

Accountability

Accountability Social Engineering Authentication VPN

Gambling firms are secretly sharing your data with Facebook

Malwarebytes

FEBRUARY 12, 2025

Meta is complicit and must be held accountable This isn’t the first time that gambling sites have been caught unlawfully selling off user data , and comes amid calls for a wider investigation into the targeting of gamblers, as well as the need for more protective measures.

Data collection

Data collection Marketing Data privacy VPN

US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services

Padlocks, Phishing and Privacy; The Value Proposition of a VPN

Trending Sources

Backdoor in Zyxel Firewalls and Gateways

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Hackers Were Inside Citrix for Five Months

Chinese threat actors use Quad7 botnet in password-spray attacks

Is Your Computer Part of ‘The Largest Botnet Ever?’

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Voice Phishers Targeting Corporate VPNs

Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs

Google Chrome AI extensions deliver info-stealing malware in broad attack

Cisco warns of large-scale brute-force attacks against VPN and SSH services

Check Point released hotfix for actively exploited VPN zero-day

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

FBI, CISA Echo Warnings on ‘Vishing’ Threat

12 Online Resolutions for 2021

Work-from-Home Security Advice

VPN to protect against DDoS attacks on Twitch

U.S. State Government Network Breached via Former Employee's Account

Facebook warns of 400 malicious apps that tried to steal your account credentials

Bad Consumer Security Advice

International law enforcement operation dismantled RedLine and Meta infostealers

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Check Point Warns of Hackers Targeting Its Remote Access VPN

Cybersecurity During COVID-19

YouTube creators’ accounts hijacked with cookie-stealing malware

VPN No More: Xbox Targets Gamers Buying Games from Cheaper Regions

Zyxel firewalls targeted in recent ransomware attacks

Barnes & Noble Experiences Major Data Breach

How to enhance the security of your social media accounts

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks

News Alert: i2Coalition launches ‘VPN Trust Initiative’ to promote VPN operators’ best practices

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

A Closer Look at the LAPSUS$ Data Extortion Group

Attackers impersonate CircleCI platform to compromise GitHub accounts

The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Deepfake and smishing. How hackers compromised the accounts of 27 Retool customers in the crypto industry

Gambling firms are secretly sharing your data with Facebook

Stay Connected