Advertising, Information Security and VPN

Bulletproof VPN services took down in a global police operation

Security Affairs

DECEMBER 22, 2020

A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN services. ” The three VPN bulletproof services were hosted at insorg.org , safe-inet.com , and safe-inet.net, their home page currently displays a law enforcement banner. day to $190/year.

VPN

VPN Cybercrime Advertising Ransomware

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Security Affairs

OCTOBER 16, 2020

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN

VPN Firewall Advertising Internet

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Security Affairs

APRIL 6, 2020

DarkHotel nation-state actor is exploiting a VPN zero -day to breach Chinese government agencies in Beijing and Shanghai. Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai. ” continues the researchers.

VPN

VPN Government Advertising Firmware

Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks

Security Affairs

FEBRUARY 16, 2020

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world. Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Advertising Telecommunications Hacking

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Security Affairs

OCTOBER 3, 2023

Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. The malware is also able to steal data from messaging apps and VPN clients. ” continues the report.

Advertising

Advertising Cybercrime Malware Cryptocurrency

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

VPN

VPN Government Authentication Advertising

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

Security Affairs

OCTOBER 9, 2019

NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws. Last week, the UK’s National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild.

VPN

VPN Advertising Accountability Healthcare

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

Security Affairs

OCTOBER 6, 2019

The UK’s National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to breach into the target networks. Pierluigi Paganini.

VPN

VPN Advertising Healthcare Data breaches

7 VPN services left data of millions of users exposed online

Security Affairs

JULY 21, 2020

vpnMentor experts reported that seven Virtual Private Network (VPN) recently left 1.2 Security experts from vpnMentor have discovered a group of seven free VPN (virtual private network) apps that left their server unsecured online exposing private user data for anyone to see. . The server was secured on July 15 th.

VPN

VPN Advertising Passwords Internet

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes.

VPN

VPN Hacking IoT Advertising

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510

Security Affairs

AUGUST 25, 2019

BadPackets experts observed on August 22 a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.

VPN

VPN Advertising Hacking Government

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime

Cybercrime Malware VPN Ransomware

CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploited

Security Affairs

JANUARY 10, 2020

The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The CVE-2019-11510 flaw in Pulse Connect Secure is a critical arbitrary file read vulnerability. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN InfoSec Advertising Cybersecurity

Privilege Escalation flaw found in Forcepoint VPN Client for Windows

Security Affairs

SEPTEMBER 23, 2019

Security researcher Peleg Hadar of SafeBreach Labs discovered a privilege escalation flaw that impacts all versions of Forcepoint VPN Client for Windows except the latest release. “There is an unquoted search path vulnerability in Forcepoint VPN Client for Windows versions lower than 6.6.1.” Pierluigi Paganini.

VPN

VPN Advertising Hacking Malware

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

Security Affairs

JANUARY 17, 2020

Chinese authorities continue operations against unauthorized VPN services that are very popular in the country. China continues to intensify the monitoring of the cyberspace applying and persecution of VPN services that could be used to bypass its censorship system known as the Great Firewall. Pierluigi Paganini.

VPN

VPN Firewall Advertising Media

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Security Affairs

DECEMBER 5, 2019

Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel. The experts explained that in this way, it is possible to hijack active connections within the VPN tunnel. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

VPN

VPN Encryption Advertising Authentication

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. co and a VPN provider called HideIPVPN[.]com. SocksEscort began in 2009 as “ super-socks[.]com

Malware

Malware VPN Internet Internet

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

APRIL 2, 2020

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. ” reads the post published by Microsoft. Pierluigi Paganini.

Ransomware

Ransomware VPN Healthcare Cyber Attacks

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Since then, the same spammers have used this method to advertise more than 100 different crypto investment-themed domains. That user advertised a service called “ Quot Project ” which said they could be hired to write programming scripts in Python and C++. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

Security Affairs

OCTOBER 22, 2019

NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. . Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. .

VPN

VPN Hacking Advertising Passwords

Dozens of unsecured databases wiped by mysterious Meow attack

Security Affairs

JULY 22, 2020

Immediately after the first attacks, security experts started searching for vulnerable databases exposed online. One of the recent Meow attacks targeted the Hong Kong-based VPN provider UFO VPN , hackers targeted its Elasticsearch database. Recently vpnMentor experts reported that seven Virtual Private Network (VPN) left 1.2

VPN

VPN Advertising Hacking Information Security

Russian-based DoubleVPN seized by law enforcement

Security Affairs

JUNE 30, 2021

Law enforcement has seized the servers of DoubleVPN (doublevpn.com), a Russian-based VPN service that provides double-encryption service widely used by threat actors to anonymize their operation while performing malicious activities. The VPN service was offered for a starting price of €22 ($25). .

VPN

VPN Cybercrime Encryption Advertising

REVil ransomware infected 18,000 computers at Telecom Argentina

Security Affairs

JULY 20, 2020

Immediately after the attack was detected by the internal IT staff, the company warned its employees of not connecting its internal VPN network and avoiding opening emails with suspicious archive attachments. In the past, REVil operators have targeted Pulse Secure and Citrix VPN and enterprise gateway systems as entry points.

Ransomware

Ransomware VPN Advertising Internet

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking VPN Advertising Government

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Experts found new variants of Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. “Agent Tesla is now able to harvest configuration data and credentials from a number of common VPN clients, FTP and Email clients, and Web Browsers.

Passwords

Passwords Spyware VPN Malware

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times. Pierluigi Paganini.

Social Engineering

Social Engineering VPN Phishing Authentication

Massive cyber attack forced Ruhr University Bochum (RUB) to shut down its IT infrastructure

Security Affairs

MAY 8, 2020

As a result, all RUB members, for example, have no access to the Outlook mail program and the VPN tunnel, which is necessary to access folders from the home office. e-mail, VPN tunnel, “Serviceportal”). ^sk Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks VPN Advertising Hacking

Cisco fixes 5 critical flaws that could allow router firewall takeover

Security Affairs

JULY 16, 2020

Cisco released security updates to address other 22 high and medium severity security vulnerabilities impacting several routers, WebEx, Cisco SD-WAN Solution Software versions and other software. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Cisco).

Firewall

Firewall Small Business Wireless Advertising

Elexon, a middleman in the UK power grid network hit by cyber-attack

Security Affairs

MAY 17, 2020

Experts from security firm Bad Packets reported that Elexon had been running an outdated version of Pulse Secure VPN server, if confirmed threat actors could have exploited it to access the internal network. NSA also warned of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws.

Cyber Attacks

Cyber Attacks VPN Advertising Cyber threats

The Russian Government blocked ProtonMail and ProtonVPN

Security Affairs

FEBRUARY 2, 2020

The p opular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government VPN Telecommunications Advertising

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Use two-factor authentication with strong passwords.

Ransomware

Ransomware VPN Advertising Marketing

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Security Affairs

APRIL 8, 2020

The memo invited NASA personnel to use VPN and regularly visit a dedicated website that provides information related to working during the COVID-19 outbreak. Below the list of suggestions included in the agency’s memo: Use the NASA VPN, prior to beginning to work. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Computers and Electronics VPN Phishing

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Advertising Cryptocurrency Passwords

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

Kaspersky recommends organizations to adopt the following security measures: At the very least, use strong passwords. Make RDP available only through a corporate VPN. Use a reliable security solution. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Use Network Level Authentication (NLA).

Passwords

Passwords Advertising Authentication VPN

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

The cost for antivirus accounts is just over $20, while other types of accounts (cable, social media, VPN, streaming, adult, music, file sharing, and video game accounts) typically go for less than $10. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues the report. Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

REvil Ransomware member win the auction for KPot stealer source code

Security Affairs

NOVEMBER 4, 2020

KPOT Stealer is a “stealer” malware that focuses on exfiltrating account information and other data from web browsers, instant messengers, email, VPN, RDP, FTP, cryptocurrency, and gaming software. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. 3 (@pancak3lullz) October 15, 2020.

Ransomware

Ransomware Malware Advertising Cybercrime

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Security Affairs

FEBRUARY 17, 2020

Since early February, the Russian government has blocked other encrypted email and VPN services in Russia, including ProtonMail and ProtonVPN VPN service. The Russian government asks all Internet service providers and VPN providers operating in the country to provide information about their users. Pierluigi Paganini.

Encryption

Encryption VPN Government Internet

US CISA report shares details on web shells used by Iranian hackers

Security Affairs

SEPTEMBER 16, 2020

The Iranian hackers belong to an Iran-based threat actor that was behind attacks exploiting vulnerabilities in Pulse Secure VPN, Citrix Application Delivery Controller (ADC) and Gateway , and F5’s BIG-IP ADC products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

VPN

VPN Passwords Advertising Password Management

Security Affairs - Untitled Article

Security Affairs

JULY 22, 2019

GlobalProtect products allow organizations to set up a virtual private network (VPN) access, they also implement other security and management features. “ n this article, we would like to talk about the vulnerability on Palo Alto SSL VPN. Palo Alto calls their SSL VPN product line as GlobalProtect.

VPN

VPN Advertising Authentication Information Security

Hackers target zero-day flaws in enterprise Draytek network devices

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. If you have not updated the firmware yet, disable remote access (admin) and SSL VPN. Vigor300B < v1.5.1 Vigor3900 < v1.5.1

Firmware

Firmware VPN Accountability Advertising

Palo Alto Networks addresses tens of serious issues in PAN-OS

Security Affairs

MAY 15, 2020

Palo Alto Networks also addressed serious cross-site scripting (XSS) vulnerability in the GlobalProtect Clientless VPN can be exploited to compromise a user’s session by tricking the victims into visiting a malicious website. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firewall

Firewall Authentication Advertising VPN

Chilean bank BancoEstado hit by REVil ransomware

Security Affairs

SEPTEMBER 7, 2020

The REvil ransomware gang is one of the most active groups, in the past, the operators have targeted Pulse Secure and Citrix VPN and enterprise gateway systems as entry points. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. and Elexon electrical middleman. Pierluigi Paganini.

Banking

Banking Ransomware Advertising VPN

Dragos Report: Analysis of ICS flaws disclosed in 2019

Security Affairs

FEBRUARY 20, 2020

data historians, OPC servers, cross-domain web applications, and VPN services), their exploitation could potentially allow attackers to move from the IT to the OT networks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising VPN Engineering Hacking

UK Fintech company Finastra hit by a cyber attack

Security Affairs

MARCH 21, 2020

.” Experts from cyber-security firm Bad Packets speculate attackers might have exploited the CVE-2019-11510 vulnerability to compromise unpatched Pulse Secure VPN servers at the Fintech firm. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Travelex deja vu? Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Data breaches Advertising Ransomware

Bulletproof VPN services took down in a global police operation

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Trending Sources

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

7 VPN services left data of millions of users exposed online

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploited

Privilege Escalation flaw found in Forcepoint VPN Client for Windows

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Who and What is Behind the Malware Proxy Service SocksEscort?

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Interview With a Crypto Scam Investment Spammer

NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches

Dozens of unsecured databases wiped by mysterious Meow attack

Russian-based DoubleVPN seized by law enforcement

REVil ransomware infected 18,000 computers at Telecom Argentina

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Massive cyber attack forced Ruhr University Bochum (RUB) to shut down its IT infrastructure

Cisco fixes 5 critical flaws that could allow router firewall takeover

Elexon, a middleman in the UK power grid network hit by cyber-attack

The Russian Government blocked ProtonMail and ProtonVPN

Netwalker ransomware operators claim to have stolen data from Forsee Power

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

RDP brute-force attacks rocketed since beginning of COVID-19

15 billion credentials available in the cybercrime marketplaces

REvil Ransomware member win the auction for KPot stealer source code

Russian govn blocked Tutanota service in Russia to stop encrypted communication

US CISA report shares details on web shells used by Iranian hackers

Security Affairs - Untitled Article

Hackers target zero-day flaws in enterprise Draytek network devices

Palo Alto Networks addresses tens of serious issues in PAN-OS

Chilean bank BancoEstado hit by REVil ransomware

Dragos Report: Analysis of ICS flaws disclosed in 2019

UK Fintech company Finastra hit by a cyber attack

Stay Connected