Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 125

VPN Hacking Authentication Government 125

Security Affairs

NOVEMBER 27, 2020

The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. Geomap of impacted countries.

VPN 145

VPN Banking Passwords Malware 145

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. that allows remote authenticated attackers to execute arbitrary code as the root user via maliciously crafted meeting room. A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 133

VPN Government Authentication Cybersecurity 133

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. x) and Ivanti Policy Secure.

VPN 126

VPN Authentication Small Business Telecommunications 126

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. “This is reachable pre-authentication, on every SSL VPN appliance,” French vulnerability researcher Charles Fol tweeted.

Risk 264

Risk VPN Internet Internet 264

Security Affairs

APRIL 26, 2019

One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. However, the speed comes at the cost of encryption.

VPN 111

VPN Encryption Firewall Internet 111

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. x) and Ivanti Policy Secure.

VPN 125

VPN Malware Authentication Small Business 125

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. By redirecting the pointer to the Line Dancer interpreter, attackers can interact with the device through POST requests without authentication.

Firewall 130

Firewall Government VPN Authentication 130

Security Affairs

FEBRUARY 1, 2024

The government agency recommends continuing to look for indicators of compromise on any systems connected to—or recently connected to—the affected Ivanti device. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, An authenticated attacker can exploit the issue to access certain restricted resources.

VPN 127

VPN Authentication Software Malware 127

CSO Magazine

APRIL 20, 2021

Over the past few months, several cyberespionage groups, including one believed to be tied to the Chinese government, have been breaking into the networks of organizations from the United States and Europe by exploiting vulnerabilities in VPN appliances from zero-trust access provider Pulse Secure.

VPN 98

VPN CSO Hacking Authentication 98

SecureWorld News

NOVEMBER 12, 2024

These nation-state threat actors, as Grimes described, infiltrate companies worldwide by posing as IT contractors and employees, allowing the North Korean government to generate revenue and potentially compromise sensitive systems. Multiple jobs held simultaneously, a tactic that generates significant revenue for the North Korean government.

Government 94

Government VPN Cyber threats Education 94

Krebs on Security

MAY 19, 2020

For example, as recently as earlier this month, Intel 471 spotted Sanix selling access to nearly four dozen universities worldwide, and to a compromised VPN account for the government of San Bernadino, Calif. By far the most important passwords are those protecting our email inbox(es).

Passwords 362

Passwords Accountability Hacking Password Management 362

Malwarebytes

NOVEMBER 24, 2023

The vulnerability is described as a sensitive information disclosure in NetScaler web application delivery control (ADC) and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. It’s reported to have been in use as a zero-day since late August. NetScaler ADC 13.1-FIPS

Government 131

Government Ransomware Backups Software 131

Malwarebytes

NOVEMBER 6, 2024

Lock things down Having a strict policy to protect your important assets with strong passwords and multi-factor authentication (MFA) should be a no-brainer. Use a firewall and VPN A firewall protects an entry point to a network while a VPN creates an encrypted tunnel between two networks.

Small Business 98

Small Business Backups VPN Firewall 98

SC Magazine

APRIL 20, 2021

While specific companies were not named, defense contractors were among those targeted as part of a campaign by at least two hacking groups that leveraged vulnerabilities Pulse Secure VPN devices. Mandiant outlined 12 malware families that they observed actively exploiting vulnerabilities in Pulse Secure VPN devices dating back to last year.

Government 104

Government VPN Malware Hacking 104

Security Affairs

DECEMBER 11, 2024

Passwords associated with external authentication systems such as AD or LDAP are unaffected. Login credentials associated with external authentication systems (i.e. A list of the user IDs permitted to use the firewall for SSL VPN and accounts that were permitted to use a clientless VPN connection.

Firewall 73

Firewall Hacking Malware Passwords 73

eSecurity Planet

OCTOBER 1, 2021

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. What might be most striking about the document is how many security steps and solutions it takes to properly secure VPN connections.

VPN 111

VPN Authentication Passwords Software 111

Security Affairs

AUGUST 6, 2024

South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. According to the South Korean authorities, the government of Pyongyang’s goal is to steal intellectual property and trade secrets from the South.

VPN 127

VPN Malware Software Hacking 127

Security Affairs

AUGUST 2, 2020

and foreign government organizations. and foreign government organizations. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.” Consider installing and using a VPN. Use two-factor authentication with strong passwords.

Ransomware 145

Ransomware VPN Advertising Government 145

CSO Magazine

JANUARY 13, 2023

Based on currently available information, the original zero-day attack was highly targeted to government-related entities. Remote code execution in FortiOS SSL-VPN. The vulnerability, tracked as CVE-2022-42475 , is in the SSL-VPN functionality of FortiOS and can be exploited by remote attackers without authentication.

Network Security 113

Network Security VPN Authentication Government 113

Security Boulevard

JUNE 9, 2021

In 1880, the French government awarded Alexander Graham Bell roughly the equivalent of $300K as a prize for inventing the telephone. 1998 was the same year that researchers at AT&T Labs were issued a patent (filed in 1995) for what became known in our industry as Multi-Factor Authentication (MFA). Not much has changed in 23 years.

Authentication 93

Authentication Passwords VPN Technology 93

Malwarebytes

APRIL 21, 2021

PCS provides Virtual Private Network (VPN) facilities to businesses, which use them to prevent unauthorized access to their networks and services. admin web interface could allow an authenticated attacker to upload a custom template to perform an arbitrary code execution. The old vulnerabilities.

VPN 85

VPN Authentication Malware System Administration 85

Krebs on Security

MARCH 29, 2022

It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death. . But not all have it.”

Accountability 292

Accountability Government Hacking Social Engineering 292

The Last Watchdog

MAY 23, 2022

They require integrity, authentication, trusted identity and encryption. Protocols and policies setting new parameters for trusted connections are being hammered out and advanced encryption, authentication and data protection solutions are being ramped up. Related: Leveraging PKI to advance electronic signatures.

Cybersecurity 214

Cybersecurity Digital transformation Computers and Electronics Encryption 214

Security Affairs

AUGUST 26, 2021

Threat actors are targeting Pulse Connect Secure VPN devices exploiting multiple flaws, including CVE-2021-22893 and CVE-2021-22937. that allows remote authenticated attackers to execute arbitrary code as the root user via maliciously crafted meeting room. One file is designed to intercept certificate-based multi-factor authentication.

Malware 137

Malware VPN Authentication Hacking 137

Krebs on Security

FEBRUARY 18, 2019

government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies.

DNS 279

DNS Internet Internet Government 279

eSecurity Planet

FEBRUARY 6, 2025

Single sign-on” (SSO) is an authentication method that allows users to enter one set of authentication credentials to access multiple websites, applications, and services. The goal of SSO is to streamline the authentication process by eliminating the need to enter different usernames and passwords for each resource.

Authentication 59

Authentication Passwords Mobile Encryption 59

Security Affairs

OCTOBER 18, 2024

The attacks have gone on since at least October 2023, Iran-linked threat actors attempted to hack user accounts and obtain access to organizations in the healthcare and public health (HPH), government, information technology, engineering, and energy sectors. ” reads the joint report published by the US CISA.

Healthcare 121

Healthcare Passwords Accountability Authentication 121

Security Affairs

JUNE 2, 2024

OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 121

Data breaches VPN Cloud Migration Malware 121

Security Affairs

DECEMBER 6, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. In some campaigns analyzed by Mandiant, the threat actor was using residential IP address ranges to authenticate to target environments.

Malware 131

Malware VPN Accountability Telecommunications 131

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime.

Consumer Protection 84

Consumer Protection Identity Theft Scams Social Engineering 84

eSecurity Planet

SEPTEMBER 5, 2024

A VPN (Virtual Private Network) routes your internet traffic through an encrypted tunnel, shielding your data from hackers and ensuring your online activities remain private and secure. A VPN can provide the solution if you want to safeguard your personal information, bypass geo-restrictions, or maintain anonymity online.

VPN 59

VPN Encryption Internet Internet 59

Security Affairs

APRIL 19, 2024

The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. ” reads a post published by the organization on Medium.

Cyber Attacks 141

Cyber Attacks VPN Authentication Hacking 141

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices.

Ransomware 136

Ransomware VPN Government Retail 136

IT Security Guru

JUNE 30, 2021

SSO allows users to access multiple applications, and the underlying data, without having to re-authenticate to access each application. Organizations that are considering enhancing IAM also note the challenges that accompany the virtual private network (VPN) model. Five Benefits of Single Sign-on.

Password Management 133

Password Management Passwords VPN B2C 133

Security Affairs

NOVEMBER 17, 2021

One of the campaigns monitored by the experts and conducted by PHOSPHORUS APT group leveraged known vulnerabilities in Fortinet FortiOS SSL VPN and Microsoft Exchange Servers to deploy ransomware on vulnerable networks. . Microsoft added that password spray attacks on Office 365 accounts with multifactor authentication (MFA) enabled failed.

VPN 132

VPN Accountability Social Engineering Media 132

Security Affairs

MARCH 1, 2024

Multiple threat actors are chaining these issues to bypass authentication, craft malicious requests, and execute arbitrary commands with elevated privileges. Government experts also reported that the exploitation of the flaw can allow threat actors to maintain root-level persistence. ” reads the advisory. x), Policy Secure (9.x,

Authentication 119

Authentication Cyber threats VPN Government 119