The Hacker News

SEPTEMBER 3, 2024

A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.

VPN 132

VPN Software Malware Engineering 132

The Hacker News

FEBRUARY 28, 2024

At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances.

VPN 144

VPN Malware 144

The Hacker News

AUGUST 30, 2024

Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool.

VPN 127

VPN Malware Encryption Cybersecurity 127

Security Affairs

FEBRUARY 1, 2024

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN 136

VPN Malware Authentication Hacking 136

Security Boulevard

SEPTEMBER 20, 2024

million stolen VPN passwords have been compromised by malware in the past year, highlighting a growing risk for unauthorized access to secure networks, according to a Specops Software report. The post More Than Two Million Stolen VPN Passwords Discovered appeared first on Security Boulevard. More than 2.1

VPN 138

VPN Passwords Malware Software 138

Security Boulevard

APRIL 3, 2025

is the shady entity behind a clutch of free VPN appswith over a million downloads. The post App Stores OKed VPNs Run by China PLA appeared first on Security Boulevard. Bad Apple: Chinese firm banned by the U.S.

VPN 121

VPN Social Engineering Data privacy Engineering 121

Bleeping Computer

AUGUST 5, 2024

South Korea's National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN's software update to deploy malware and breach networks. [.]

VPN 117

VPN Malware Software 117

The Last Watchdog

SEPTEMBER 13, 2021

Thus, Surfshark has just become the first VPN provider to launch an antivirus solution as part of its all-in-one security bundle Surfshark One. Related: Turning humans into malware detectors. LW: Why are consumer VPNs generally in a good position to fill this gap? Which was fine when you had only a handful of VPN users or uses.

Antivirus 200

Antivirus VPN Marketing Digital transformation 200

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 239

Malware VPN Internet Internet 239

The Hacker News

NOVEMBER 15, 2024

A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA.

VPN 132

VPN Malware 132

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. Researchers from cybersecurity firm Synacktiv published a technical analysis of a Rust malware, named KrustyLoader, that was delivered by threat actors exploiting the above vulnerabilities.

VPN 128

VPN Malware Authentication Small Business 128

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. Authorities discovered that over 1 200 servers in dozens of countries were running the malware. ESET released a free online scanner for Redline and META that can help users detect and remove malware.

Identity Theft 125

Identity Theft Passwords Malware Banking 125

eSecurity Planet

MARCH 10, 2025

Disguised as a legitimate bypass tool The malware campaign exploits users need to overcome online restrictions. Additionally, by using process hollowing techniques to inject the miner code into legitimate system processes like dwm.exe, the malware remains stealthy and is controlled remotely through a web panel.

VPN 52

VPN Antivirus Cryptocurrency Malware 52

Trend Micro

MARCH 28, 2023

We discovered a new malware, which we named “OpcJacker” (due to its opcode configuration design and its cryptocurrency hijacking ability), that has been distributed in the wild since the second half of 2022.

Malware 141

Malware VPN Cryptocurrency 141

SecureWorld News

SEPTEMBER 4, 2022

As the internet rapidly expanded, so did viruses, malware and a plethora of attacks targeting end users and even their networks. This called for a standard that not only maintained privacy through encryption but also prevented malware all while affording users the ability to connect to their sensitive data from anywhere in the world.

VPN 145

VPN Internet Internet Encryption 145

Adam Levin

DECEMBER 16, 2020

Here are 12 New Year Resolutions for a safer and more secure digital you in 2021: Think before you click that email link: 2020 was a record-breaking year for ransomware, malware, and phishing , and many, if not most of these attacks were launched with the click on a link in an email. That’s always the case when it comes to cybersecurity.

VPN 245

VPN Antivirus Passwords Backups 245

Security Affairs

FEBRUARY 20, 2025

Orange Cyberdefense CERT uncovered a malware campaign, tracked as The Green Nailao campaign, that targeted European organizations, including healthcare, in late 2024, using ShadowPad , PlugX , and the previously undocumented NailaoLocker ransomware. This launches the malware routine.” ” continues the report.

Healthcare 86

Healthcare Ransomware VPN Malware 86

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN 353

VPN Computers and Electronics Antivirus Software 353

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus 336

Antivirus VPN Encryption Malware 336

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. Image: spur.us. as a media sharing device on a local network that was somehow exposed to the Internet.

Malware 301

Malware Passwords Accountability Advertising 301

Security Affairs

NOVEMBER 24, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware 63

Malware Spyware Antivirus VPN 63

eSecurity Planet

AUGUST 2, 2022

Linux malware is skyrocketing and now surpasses both macOS and Android, according to a new report, suggesting that cybercriminals are increasingly targeting the open source operating system. The Linux malware growth has occurred even as Windows, Android and macOS have all seen a decline in new malware samples.

Malware 141

Malware VPN Encryption Marketing 141

Penetration Testing

APRIL 3, 2025

The The post CVE-2025-22457: UNC5221 Exploits Ivanti Zero-Day Flaw to Deploy TRAILBLAZE and BRUSHFIRE Malware appeared first on Daily CyberSecurity. Ivanti has recently disclosed a critical security vulnerability, identified as CVE-2025-22457, affecting several of its widely-used products.

Malware 84

Malware Cybersecurity VPN 84

The Hacker News

MARCH 20, 2025

YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users. What's intriguing about this malware is how much it collects," Kaspersky said in an analysis. "It

Malware 127

Malware VPN Accountability 127

The Hacker News

JANUARY 12, 2024

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023.

VPN 110

VPN Malware Authentication 110

Penetration Testing

NOVEMBER 15, 2024

Cybersecurity firm Volexity has uncovered a zero-day vulnerability in Fortinet’s Windows VPN client, FortiClient, being exploited by the BrazenBamboo Advanced Persistent Threat (APT) group.

VPN 132

VPN Cybersecurity Malware 132

Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software.

Backups 130

Backups VPN Ransomware Authentication 130

Tech Republic Security

MAY 13, 2020

With the shift toward remote working, cybercriminals have been targeting exploits in VPN, Internet of Things, and authentication technology, says cybersecurity firm Nuspire.

VPN 195

VPN Malware Authentication Internet 195

Security Affairs

NOVEMBER 13, 2024

Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. The group also relies on customized versions of open-source tools for C2 communications and stay under the radar.

VPN 123

VPN Government Malware Manufacturing 123

Security Affairs

FEBRUARY 9, 2024

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. The vendor recommends to disable SSL VPN as a workaround. “Workaround : disable SSL VPN (disable webmode is NOT a valid workaround). ” reads the advisory.

VPN 132

VPN Firmware Malware Government 132

Krebs on Security

MAY 28, 2024

Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5 , an online anonymity service that for many years was the easiest and cheapest way to route one’s Web traffic through malware-infected computers around the globe. based startup that tracks proxy and VPN services.

VPN 286

VPN Banking Cybercrime Internet 286

The Hacker News

JANUARY 30, 2024

A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2)

VPN 108

VPN Malware 108

Schneier on Security

APRIL 7, 2020

If the organization is lucky, they will have already set up a VPN for remote access. Handing people VPN software to install and use with zero training is a recipe for security mistakes, but not using a VPN is even worse. For the last couple of months coronavirus-themed malware and phishing scams have been on the rise.

Cybersecurity 274

Cybersecurity VPN Scams Phishing 274

Security Affairs

AUGUST 11, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Malware 124

Malware Spyware VPN Banking 124

Penetration Testing

AUGUST 11, 2024

This surge in attacks... The post North Korean Hackers Exploit VPN Vulnerabilities to Breach Networks appeared first on Cybersecurity News.

VPN 124

VPN Engineering Government Cybersecurity 124

Krebs on Security

OCTOBER 8, 2020

Each day, millions of malware-laced emails are blasted out containing booby-trapped attachments. From there, the infected system will report home to a malware control server operated by the spammers who sent the missive. Samuil is the handle used by the proprietor of multi-vpn[.]biz ” WHO IS DR. SAMUIL?

Cybercrime 354

Cybercrime Malware VPN Ransomware 354

Security Affairs

MARCH 10, 2025

Moonstone Sleet threat actors target financial and cyberespionage victims using trojanized software, custom malware, malicious games, and fake companies like StarGlow Ventures and C.C. The APT group has also spread malware via a fraudulent tank game (DeTankWar) and engaged in ransomware attacks using FakePenny.

Ransomware 118

Ransomware VPN Healthcare Malware 118