Government and VPN - Cyber Security Informer

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN

VPN Authentication Ransomware Risk

Do you actually need a VPN? Your guide to staying safe online!

Webroot

NOVEMBER 21, 2024

So maybe you’ve heard of VPNs but aren’t actually sure what they are. Simply put, a VPN creates a safe, anonymous pathway for the data you send and receive over a Wi-Fi network, allowing you to browse anonymously and access content as if you were in a different location. Do you really need a VPN for personal use? Why use a VPN?

VPN

VPN Antivirus Internet Internet

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Malwarebytes

APRIL 3, 2025

That’s according to a report from the non-profit Tech Transparency Project (TTP), who investigated the top 100 mobile VPN apps downloaded from Apple’s App Store as documented by mobile intelligence company AppMagic. Mobile VPNs are apps that connect your smartphone to the internet via different computers around the world.

VPN

VPN Mobile Government Technology

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. government.

VPN

VPN Government Cybercrime Internet

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The agencies warn of risk to elections information housed on government networks. ” continues the alert.

VPN

VPN Government Authentication Advertising

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

VPN

VPN Government Hacking Accountability

Apple Removes VPN Apps from Russian App Store Amid Government Pressure

The Hacker News

JULY 7, 2024

Apple removed a number of virtual private network (VPN) apps in Russia from its App Store on July 4, 2024, following a request by Russia's state communications watchdog Roskomnadzor, Russian news media reported. It's worth noting that NordVPN previously shut

VPN

VPN Government Mobile Media

Surveillance of the Internet Backbone

Schneier on Security

AUGUST 25, 2021

It’s useful for cybersecurity forensics, but can also be used for things like tracing VPN activity. In the hands of some governments, that could be dangerous. Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data.

Internet

Internet Internet Surveillance VPN

App Stores OK’ed VPNs Run by China PLA

Security Boulevard

APRIL 3, 2025

is the shady entity behind a clutch of free VPN appswith over a million downloads. The post App Stores OKed VPNs Run by China PLA appeared first on Security Boulevard. Bad Apple: Chinese firm banned by the U.S.

VPN

VPN Social Engineering Data privacy Engineering

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection. Iranian hackers recently have been blamed for hacking VPN servers around the world in a bid to plant backdoors in large corporate networks.

VPN

VPN Passwords Software Telecommunications

21 million free VPN users’ data exposed

Malwarebytes

MARCH 3, 2021

Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. So this is a mess, and a timely reminder of why trust in a VPN provider is so crucial. Past VPN errors.

VPN

VPN Passwords Internet Internet

5 common VPN myths busted

Malwarebytes

MARCH 11, 2021

Virtual Private Networks ( VPN s) are popular but often misunderstood. VPNs are for illegal activity. Some people think that VPNs are only useful for doing things like torrenting, accessing geo-locked content, or getting around work/school/government firewalls. I don’t need a mobile VPN.

VPN

VPN Encryption Mobile Surveillance

NSA, CISA release guidance on hardening remote access via VPN solutions

Security Affairs

SEPTEMBER 29, 2021

CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions.

VPN

VPN Government Firmware Authentication

Oops! Simple Typo Causes Over 100,000 Sensitive US Military Emails To Be Delivered To Pro-Russia Government Of Mali

Joseph Steinberg

JULY 17, 2023

Among the leaked data were briefings on domestic US terrorism marked “For Official Use Only,” a global counter-terrorism assessment document with the words “Not Releasable to the Public or Foreign Governments” on its cover, crew lists for ships, and maps and photos of military bases. Now that the government of Mali is administering the.ML

Government

Government Artificial Intelligence Technology VPN

MY TAKE: Surfshark boosts ‘DIY security’ with its rollout of VPN-supplied antivirus protection

The Last Watchdog

SEPTEMBER 13, 2021

Thus, Surfshark has just become the first VPN provider to launch an antivirus solution as part of its all-in-one security bundle Surfshark One. This development is part and parcel of rising the trend of VPN providers hustling to deliver innovative “DIY security” services into the hands of individual consumers.

Antivirus

Antivirus VPN Marketing Digital transformation

Russian internet watchdog Roskomnadzor bans six more VPN services

Security Affairs

DECEMBER 2, 2021

Russia’s internet watchdog, ‘Roskomnadzor’, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia. Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six more VPN services. SecurityAffairs – hacking, VPN services). Pierluigi Paganini.

VPN

VPN Internet Internet Media

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN

VPN Passwords Banking Advertising

U.S. CISA: hackers breached a state government organization

Security Affairs

FEBRUARY 16, 2024

CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The government experts conducted an incident response assessment of the state government organization after its documents were posted on the dark web.

Government

Government VPN Accountability Authentication

North Korean Hackers Exploit VPN Vulnerabilities to Breach Networks

Penetration Testing

AUGUST 11, 2024

Cybercriminal groups supported by the North Korean government, such as Kimsuky (APT43) and Andariel (APT45), have recently escalated cyberattacks on South Korea’s construction and engineering sectors.

VPN

VPN Engineering Government Cybersecurity

China-linked APT groups targets orgs via Pulse Secure VPN devices

Security Affairs

MAY 28, 2021

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information.

VPN

VPN Government Malware Hacking

U.S. State Government Network Breached via Former Employee's Account

The Hacker News

FEBRUARY 15, 2024

Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee.

Government

Government Accountability VPN Authentication

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. government neutralized the Volt Typhoon botnet taking over its C2 and deleting the bot from infected devices.

VPN

VPN Government Malware Manufacturing

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

The botnet operators are targeting multiple SOHO devices and VPN appliances, including TP-LINK, Zyxel, Asus, D-Link, and Netgear, exploiting both known and previously unknown vulnerabilities. The operators maintain the botnet to launch distributed brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts.

Passwords

Passwords Wireless VPN Accountability

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN

VPN Computers and Electronics Antivirus Software

The global impact of the Fortinet 50.000 VPN leak posted online

Security Affairs

NOVEMBER 27, 2020

The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. Geomap of impacted countries.

VPN

VPN Banking Passwords Malware

Adventures in Contacting the Russian FSB

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. government on multiple occasions over the past five years.

Antivirus

Antivirus VPN Encryption Malware

The ‘Groove’ Ransomware Gang Was a Hoax

Krebs on Security

NOVEMBER 2, 2021

government interests online. 22 post from Groove calling for attacks on the United States government sector. Some security experts said the post of the Fortinet VPN usernames and passwords was aimed at drawing new affiliates to Groove. government sector and they eat it up. government interests.

Ransomware

Ransomware Cybercrime VPN Media

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “In reads the report published by FireEye. Pierluigi Paganini.

VPN

VPN Government Authentication Cybersecurity

Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN

Security Affairs

FEBRUARY 9, 2024

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. The vendor recommends to disable SSL VPN as a workaround. “Workaround : disable SSL VPN (disable webmode is NOT a valid workaround). ” reads the advisory.

VPN

VPN Firmware Malware Government

Should You Always Use a VPN?

Identity IQ

OCTOBER 17, 2023

Should You Always Use a VPN? IdentityIQ Using a virtual private network (VPN) can help keep you safe and anonymous online. It’s a good idea to always keep your VPN active for maximum protection, but there are certain scenarios when you might need to temporarily shut it off. Here’s what you need to know about VPNs.

VPN

VPN Identity Theft Internet Internet

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Security Affairs

NOVEMBER 2, 2024

Sophos, with the help of other cybersecurity firms, government, and law enforcement agencies investigated the cyber attacks and attributed them multiple China-linked APT groups, such as Volt Typhoon , APT31 and APT41 / Winnti. The Chinese hackers have also ramped up the use of zero-day vulnerabilities in targeted devices.

Firmware

Firmware Government Firewall Malware

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Weekly Update 166

Troy Hunt

NOVEMBER 24, 2019

References The Norwegian government is now on HIBP (that's now the 6th gov, the 7th will be announced in the coming days) Banks are communicating in precisely the fashion they're warning their customers about (is it a phish, or banks comms? A VPN can't solve this issue, but it's a great first step. Mass surveillance is a reality.

VPN

VPN Banking Surveillance Data breaches

Secure Your Online Privacy: How to Choose the Best VPN in 2023

CyberSecurity Insiders

MARCH 21, 2023

However, with so many VPN providers available, it can be challenging to choose the best VPN for your needs. In this article, we will guide you through the process of choosing the best VPN for your needs. The first step in choosing the best VPN is to determine your needs. Or do you need a VPN for general internet use?

VPN

VPN Internet Internet Encryption

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN

VPN Firewall Accountability Cybersecurity

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Krebs on Security

MAY 28, 2024

911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.

VPN

VPN Banking Cybercrime Internet

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. “This is reachable pre-authentication, on every SSL VPN appliance,” French vulnerability researcher Charles Fol tweeted.

Risk

Risk VPN Internet Internet

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. Strong segmentation with firewalls and DMZs, securing VPN gateways, and ensuring encrypted traffic with TLS v1.3 ” continues the advisory.

Telecommunications

Telecommunications Government Mobile Cyber threats

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Through forensic analysis of the memory sample, Volexity was able to recreate two proof-of-concept exploits that allowed full unauthenticated command execution on the ICS VPN appliance.

VPN

VPN Authentication Small Business Telecommunications

US government is snooping on people via phone push notifications, says senator

Malwarebytes

DECEMBER 7, 2023

And, since Apple and Google serve as intermediaries in the delivery of these push notifications this puts them in “a unique position to facilitate government surveillance of how users are using particular apps, “ wrote Senator Wyden. Keep your online privacy yours by using Malwarebytes Privacy VPN.

Government

Government Surveillance Accountability VPN

How to choose the best VPN for security and privacy

CSO Magazine

APRIL 21, 2022

And as the war in Ukraine continues, more people are turning to VPNs to get around blocks imposed by Russia and other authoritarian governments, such as that shown by Cloudflare’s data on VPN usage. Thanks to the pandemic, we have more remote workers than ever, and they need more sophisticated protection.

VPN

VPN Government

Tech CEO Sentenced to 5 Years in IP Address Scheme

Krebs on Security

OCTOBER 17, 2023

As a result, the government was able to charge Golestan with 20 counts of wire fraud — one for each payment made by the phony companies that bought the IP addresses from ARIN. Prosecutors showed that each of those shell companies involved the production of notarized affidavits in the names of people who didn’t exist.

Internet

Internet Internet VPN Marketing

North Korean cyber attacks income and free VPN data breach

CyberSecurity Insiders

JUNE 6, 2023

According to a report published by Japanese news resource Nikkei, it has been revealed that the North Korean government is actively engaging in cyber attacks on the digital infrastructure of its adversaries. The post North Korean cyber attacks income and free VPN data breach appeared first on Cybersecurity Insiders.

Data breaches

Data breaches VPN Cyber Attacks Cryptocurrency

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Additionally, Line Dancer hooks into the crash dump and AAA processes to evade forensic analysis and establish remote access VPN tunnels.

Firewall

Firewall Government VPN Authentication

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Do you actually need a VPN? Your guide to staying safe online!

Trending Sources

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Is Your Computer Part of ‘The Largest Botnet Ever?’

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

APT hacked a US municipal government via an unpatched Fortinet VPN

Apple Removes VPN Apps from Russian App Store Amid Government Pressure

Surveillance of the Internet Backbone

App Stores OK’ed VPNs Run by China PLA

Hackers Were Inside Citrix for Five Months

21 million free VPN users’ data exposed

5 common VPN myths busted

NSA, CISA release guidance on hardening remote access via VPN solutions

Oops! Simple Typo Causes Over 100,000 Sensitive US Military Emails To Be Delivered To Pro-Russia Government Of Mali

MY TAKE: Surfshark boosts ‘DIY security’ with its rollout of VPN-supplied antivirus protection

Russian internet watchdog Roskomnadzor bans six more VPN services

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

U.S. CISA: hackers breached a state government organization

North Korean Hackers Exploit VPN Vulnerabilities to Breach Networks

China-linked APT groups targets orgs via Pulse Secure VPN devices

U.S. State Government Network Breached via Former Employee's Account

China’s Volt Typhoon botnet has re-emerged

Chinese threat actors use Quad7 botnet in password-spray attacks

A Deep Dive Into the Residential Proxy Service ‘911’

The global impact of the Fortinet 50.000 VPN leak posted online

Adventures in Contacting the Russian FSB

The ‘Groove’ Ransomware Gang Was a Hoax

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN

Should You Always Use a VPN?

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Weekly Update 166

Secure Your Online Privacy: How to Choose the Best VPN in 2023

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Treasury Sanctions Creators of 911 S5 Proxy Botnet

CISA Order Highlights Persistent Risk at Network Edge

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

US government is snooping on people via phone push notifications, says senator

How to choose the best VPN for security and privacy

Tech CEO Sentenced to 5 Years in IP Address Scheme

North Korean cyber attacks income and free VPN data breach

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Stay Connected