US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory.
In an advisory, Fortinet said the path traversal vulnerability in the FortiOS SSL VPN web portal may allow an attacker to download FortiOS system files through specially crafted HTTP resource requests. to 5.4.12; if the SSL VPN service (web-mode or tunnel-mode) is enabled. Passwordless Authentication 101.
The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploits tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has been posted online. Affected Products FortiOS 6.0 – 6.0.0
Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, “Based on my observations, all the samples download a Sliver (Golang) backdoor, though from different URLs.”
The fix: Download the appropriate fixed version, based on your existing version of vCenter Server, from Broadcom’s list of patched software. The attacker must be authenticated and have Site Owner permissions to conduct the attack, but with those, they could inject and execute arbitrary code in SharePoint Server contexts. base score.
However, many of these VPN solutions have three significant issues. First, VPNs can be difficult to set up, secure and maintain. Second, VPNs do not scale well and can become congested. Users might decide to bypass the hassle of VPNs and access those cloud resources directly without any additional security protection.
The government experts also ordered to monitor the authentication or identity management services that could be exposed and urged to isolate the systems from any enterprise resources to the greatest degree possible. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, x and Ivanti Policy Secure.
In addition, we speak to Malwarebytes senior security researcher JP Taggart about the importance of trusting your VPN. But obscuring your Internet activity—including the websites you visit, the searches you make, the files you download—doesn’t mean that a VPN magically disappears those things. Source: ComputerWeekly).
Once users click on the websites, which appear legitimate, they're tricked into downloading malware or handing over sensitive information to scammers. That said, it’s inspiring to see that 41% of people “download or install a VPN” to provide an extra level of security when browsing on public Wi-Fi.
They were strategic, persistent, and laser-focused on exploiting firewall and VPN weak points to establish long-term control over sensitive systems. Firewalls and VPNs are no longer the line of defense. But as networks have grown more complex and workforces have gone hybrid, VPNs have become both overextended and overexposed.
Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.
In early October, Fortinet addressed the critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. On October 18, Fortinet confirmed the critical authentication bypass vulnerability is being exploited in the wild. Download the system configuration.
Bill said this criminal group averages between five and ten million email authentication attempts daily, and comes away with anywhere from 50,000 to 100,000 of working inbox credentials. According to Bill, the fraudsters aren’t downloading all of their victims’ emails: That would quickly add up to a monstrous amount of data.
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. What might be most striking about the document is how many security steps and solutions it takes to properly secure VPN connections.
Apps related to mobile security are senseless- There is a notion among smart phone users that their device doesn’t need an antivirus software as they are downloading content only from Google Playstore. To avoid such threats, better to install anti-malware solutions and authenticator apps to keep online activity safe and secure.
Not all multi-factor authentication (MFA) solutions are equal. For a two-factor authentication solution, that may include hidden costs, such as upfront, capital, licensing, support, maintenance, and operating costs. Estimate and plan for how much it will cost to deploy multi-factor authentication to all of your apps and users.
From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. Threat actors use these RESIPs to evade detection.
South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. The malware was concealed within security authentication software used during website login. The compromised VPN client mistakenly accepted these files, leading to the execution of DoraRAT.
Below is the list of the flaws addressed by the company: CVE-2023-6397 – A null pointer dereference vulnerability in some firewall versions could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the “Anti-Malware” feature enabled.
Avoid entering any data if you see a warning message about a site’s authenticity. Also, consider using a Virtual Private Network (VPN) to encrypt your data and make it unreadable to hackers. Invest in a VPN to encrypt your data and ensure websites you use have SSL/TLS certificates (look for “https” in the URL).
Successful exploitation would give an attacker the ability to run arbitrary code on Ivanti’s Virtual Private Network (VPN) system. Ivanti Connect Secure is a widely used VPN solution that allows users to connect to their organization’s network. xml file which can be obtained via the download portal (login required).
Below the list of recommendations included in the advisory published by CISA and the FBI for impacted MSPs: Download the Kaseya VSA Detection Tool. CISA and FBI recommend affected MSPs: Download the Kaseya VSA Detection Tool.
The Nobelium cyberspies are using a new custom downloader tracked by the researchers as CEELOADER. The state-sponsored hackers used the CRYPTBOT password-stealer to harvest valid session tokens that were used to authenticate to the Microsoft 365 environment. ” reads the report published by Mandiant.
Threat actors target GitHub users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform.
A virtual private network (VPN) is a must for any internet user connecting to business systems. Use this guide to learn how to get a VPN provider, set it up, and connect your devices for a more secure and safe connection. Use Like most software, VPN clients are system-specific — Apple versus Windows, iOS versus Android.
Enable Two-Factor Authentication: Two-Factor Authentication (2FA) adds an extra layer of security by requiring you to provide an additional verification code, typically sent to your mobile device, when logging into an account. When providing personal information, verify the authenticity of the website and ensure it is encrypted.
This report Bridging Healthcare Security Gaps: Better Authentication Improves Controls aims to bring clarity and solutions to these security gaps. In this report you will learn: About zero trust and how multi-factor authentication meets the HIPAA requirements for a third factor of authentication.
Spoofed browser upgrades download malware onto victims’ computers, and threat actors have been actively exploiting a Linux kernel vulnerability. May 28, 2024 Check Point VPN Zero-Day Vulnerability Requires Hotfix Type of attack: Information disclosure zero-day.
The spyware is offered on download sites pretending to be installers for freeware and cracked versions of paid software. The malware also plans to steal saved VPN/dial up credentials from the Appdata\Microsoft\Network\Connections\Pbk\rasphone.pbk and Pbk\rasphone.pbk phonebooks if present. cn/eg/fr/de/in/it/co.jp/nl/pl/sa/sg/es/se/ae/co.uk/com/com.au/com.br/mx/tr
These Android hacking techniques can be described as: Phishing Attacks: This is a technique in which hackers gain the trust of individuals by mimicking someone authentic. You should always download apps from trusted sources like 'Play Store' for Android users. You should make a habit of using a VPN while on a public network.
Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. Since then, teams have had years to adjust to this new reality, yet the attackers have as well.
As some hackers have developed a malware that uses code signing certificates to avoid detection by security defenses and has the tendency to download payloads onto a compromised system. If you are in thinking that your PC or computing device is secure enough as it is loaded with an anti-malware solution, you better change your viewpoint.
a demo for anti-virus software, VPN, music players, photo editing or online games) to hijack the channel of YouTube creators. The malware landing page is disguised as a software download URL that was sent via email or a PDF on Google Drive, or via Google documents containing the phishing links.
A VPN (Virtual Private Network) routes your internet traffic through an encrypted tunnel, shielding your data from hackers and ensuring your online activities remain private and secure. A VPN can provide the solution if you want to safeguard your personal information, bypass geo-restrictions, or maintain anonymity online.
Mobile payment platforms, like Apple Pay and Google Pay, use advanced technology, like fingerprint authentication and tokenization (in which credit card account numbers are replaced by randomly generated numbers) to provide brick-and-mortar shoppers with an added layer of security. Enable two-factor authentication.
The attackers used a contractor’s login information to connect to the victim’s internal systems via a VPN. The VPN connections were established from IP addresses associated with a Russian hosting provider’s network and a contractor’s network. zip hxxp://localtonet.com/download/localtonet-win-64.zip
By redirecting the pointer to the Line Dancer interpreter, attackers can interact with the device through POST requests without authentication. Additionally, Line Dancer hooks into the crash dump and AAA processes to evade forensic analysis and establish remote access VPN tunnels. reads a post published by Crowdstrike on Reddit.
One specific case of the PseudoManuscrypt downloader’s distribution is its installation via the Glupteba botnet (whose main installer is also distributed via the pirated software installer distribution platform). The main PseudoManuscrypt module has extensive and varied spying functionality.
Consider installing and using a VPN. Use two-factor authentication with strong passwords. One of the images shared by the group shows a directory containing folders such as Accounts Receivable, Finance, collection letters, Expenses, and Employees. Install and regularly update anti-virus or anti-malware software on all hosts.
is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, An authenticated administrator can exploit the issue by sending specially crafted requests and execute arbitrary commands on the appliance. xml file via the download portal. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure.
A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources.
Privacy Services Mullvad has partnered with Obscura VPN Mullvad Mullvad announces its partnership with ObscuraVPN; Mullvad WireGuard VPN servers can be used as the exit hop for the two-party VPN service offered by ObscuraVPN. When exploited, an authenticated attacker could elevate to SYSTEM level privileges.
“The investigation found that the initial compromise occurred as a result of downloading and running a file that mimicked the “Advanced IP Scanner” software, but actually contained the Vidar malware,” reads the advisory published by CERT-UA.
Access Control and Authentication Access control is another crucial component of remote work security. Enterprise browsers offer Single Sign-On and Two-Factor Authentication. They track downloads, site visits, and app use. They can also require a VPN for secure browsing. It keeps remote teams safe while browsing.