InfoSec, Ransomware and VPN - Cyber Security Informer

Cisco was hacked by the Yanluowang ransomware gang

Security Affairs

AUGUST 10, 2022

Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. yanluowang ransomware has posted #Cisco to its leaksite.

Ransomware

Ransomware Hacking VPN Phishing

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

CISA’s mandate follows a slew of recent attacks wherein attackers exploited zero-day flaws in popular networking products to conduct ransomware and cyber espionage attacks on victim organizations. “This is reachable pre-authentication, on every SSL VPN appliance,” French vulnerability researcher Charles Fol tweeted.

Risk

Risk VPN Internet Internet

HelloKitty ransomware gang targets vulnerable SonicWall devices

Security Affairs

JULY 18, 2021

BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL).

Ransomware

Ransomware Firmware Mobile InfoSec

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Ransomware

Ransomware Hacking Engineering Manufacturing

CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploited

Security Affairs

JANUARY 10, 2020

The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The flaw can be used in combination with the CVE-2019-11539 remote command injection issue gain access to private VPN networks. SecurityAffairs – Pulse Secure VPN , hacking).

VPN

VPN InfoSec Advertising Cybersecurity

Friday Five 7/2

Digital Guardian

JULY 2, 2021

Ransomware venture capital, VPN shutdowns, and the latest from Fancy Bear - catch up on all of the week's infosec news with the Friday Five!

InfoSec

InfoSec VPN Ransomware

Friday Five 11/18

Digital Guardian

NOVEMBER 19, 2021

shares some new ransomware statistics, the FBI warns about a new VPN zero day, and more - catch up on the infosec news of the week with the Friday Five!

InfoSec

InfoSec VPN Ransomware

Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS

DDOS VPN Data breaches Cybercrime

Lapsus$ gang claims to have hacked Microsoft source code repositories

Security Affairs

MARCH 21, 2022

On Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM. campuscodi @vxunderground #cybersecurity #infosec @Microsoft pic.twitter.com/FAYl9Y29QT — Dominic Alvieri (@AlvieriD) March 20, 2022.

Hacking

Hacking InfoSec Telecommunications Cybercrime

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

SecureWorld News

MARCH 17, 2022

For example, don't underestimate for a second how valuable targeting data and how much targeting data that the ransomware actors obtain when they hack into one of their victims and steal all their internal data. Key takeaway #3: Social engineering is the most powerful attack vector against InfoSec protocols.

InfoSec

InfoSec Social Engineering Phishing Cybercrime

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

This English-speaking collective previously served as an affiliate for ransomware group “ALPHV” and now partners with “RansomHub.” We attributed the incident with high confidence to “Scattered Spider,” an English-speaking collective acting as an affiliate for the ransomware group “RansomHub.”

Social Engineering

Social Engineering Engineering Accountability Backups

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. To achieve more resilience in this heightened risk environment, stepping up zero trust maturity is essential.

Authentication

Authentication Risk Social Engineering InfoSec

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 25, 2022

The State of Security

MAY 2, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 25, 2022. I’ve also included some comments on these stories.

InfoSec

InfoSec Cybersecurity VPN Ransomware

Threats to ICS and industrial enterprises in 2022

SecureList

NOVEMBER 23, 2021

Further evolution of cyberthreats as a response to infosec tools and measures. Extortion and ransomwaring of those able and willing to pay up. In 2021, for instance, we have seen many industries brought to a standstill and tens of millions of dollars paid out to ransomwarers. Update firewalls and SSL VPN gateways in good time.

Spyware

Spyware Phishing Cybercrime Energy and Utilities

Hurrah – It’s (patch) Tuesday!

IT Security Guru

MAY 10, 2021

This past years’ bout of VPN related breaches is a great example, especially as patches were available over a year ago. At the end of 2019, it was hit by a Ransomware attack that took its systems offline for a week – along with a major hit on its reputations. Trials of Travelex. First audit.

VPN

VPN Software InfoSec Firmware

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

We constantly see new threats, and threat vectors, come and go; which puts a tremendous strain on the InfoSec teams that have to protect organizations and businesses from these threats. This year we saw the reemergence of old vectors: from ransomware & trojans, to supply chain attacks. A new panel with VPN metrics has been added.

Technology

Technology Firewall VPN Authentication

RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)

Pen Test Partners

JULY 1, 2024

There has been a lot of talk on various infosec news feeds about the RegreSSHion vulnerability. This leaves vulnerable systems open to malware, ransomware, Denial of Service (DoS) attacks and other attacks. The CVE is a high-severity remote unauthenticated code execution vulnerability affecting glibc-based Linux systems.

InfoSec

InfoSec Authentication VPN Firewall

Security Roundup October 2021

BH Consulting

OCTOBER 12, 2021

Easy as RDP: attacks mount as ransomware gangs seek out easy access. Worried about ransomware? RDP is one of the main attack vectors that ransomware gangs are using to infiltrate organisations. We also cover this attack vector in our comprehensive white paper on ransomware. Who isn’t these days?

VPN

VPN Ransomware InfoSec Scams

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

This English-speaking collective previously served as an affiliate for ransomware group “ALPHV” and now partners with “RansomHub.” We attributed the incident with high confidence to “Scattered Spider,” an English-speaking collective acting as an affiliate for the ransomware group “RansomHub.”

Social Engineering

Social Engineering Engineering Accountability Backups

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends

Security Boulevard

APRIL 22, 2025

This represents a 34% increase over last years report and is driven in part by the zero-day exploitation of VPN and edge device vulnerabilities asset classes that traditional endpoint detection and response (EDR) vendors struggle to assess effectively. Security isnt just for infosec professionals its everyones responsibility.

Energy and Utilities

Energy and Utilities Authentication Data breaches VPN

Was This the World's First Fatal Cyberattack?

SecureWorld News

SEPTEMBER 21, 2020

A recent ransomware attack against a German hospital appears to have made this prediction a reality. Patient dies following ransomware attack on German hospital. The ransomware attack hit the Düsseldorf University Hospital in early September 2020 and shut down its network. 3 things we know about the fatal ransomware attack.

Ransomware

Ransomware Marketing VPN Healthcare

DDoS attacks in Q2 2022

SecureList

AUGUST 3, 2022

The incident prompted the school district administration to contract a specialized infosec provider for DDoS protection. In particular, they use VPN, proxy servers, and infected devices located in the same region as the target to render blocking pointless. As usual, the gaming industry was targeted too.

DDOS

DDOS Government Marketing IoT

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

There’s an online war in Ukraine, one that you haven’t heard much about because that country is holding its own with an army of infosec volunteers worldwide. RSAC also attracts some of the top researchers in infosec. Instead we have these faceless ransomware groups. Vamosi:Ransomware is profitable today.

Cybercrime

Cybercrime Government Ransomware Hacking

Cisco’s CISO of the Month – Esmond Kane

Cisco Security

JUNE 25, 2021

First of all, while I am honoured and deeply thankful for the recognition, I believe strongly that Security is a team effort and I must acknowledge the superb InfoSec team in Steward but also the Steward workforce. Read on to learn about his journey and how he leads his team: What were you doing when you got your first taste of cybersecurity?

CISO

CISO Healthcare InfoSec Computers and Electronics

Cyber Security Informer

Cisco was hacked by the Yanluowang ransomware gang

CISA Order Highlights Persistent Risk at Network Edge

Webinars

Trending Sources

HelloKitty ransomware gang targets vulnerable SonicWall devices

Webinars

Rhysida ransomware gang claimed China Energy hack

CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploited

Friday Five 7/2

Friday Five 11/18

Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition

Lapsus$ gang claims to have hacked Microsoft source code repositories

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

Scattered Spider x RansomHub: A New Partnership

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 25, 2022

Threats to ICS and industrial enterprises in 2022

Hurrah – It’s (patch) Tuesday!

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)

Security Roundup October 2021

Scattered Spider x RansomHub: A New Partnership

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends

Was This the World's First Fatal Cyberattack?

DDoS attacks in Q2 2022

The Hacker Mind Podcast: The Fog of Cyber War

Cisco’s CISO of the Month – Esmond Kane

Stay Connected