Security Affairs

APRIL 10, 2023

Iran-linked APT group MERCURY is behind destructive attacks on hybrid environments masquerading as a ransomware operation. Threat actors masqueraded the attacks as a standard ransomware operation. Both groups used MULLVAD VPN. The attackers were able to interfere with security tools using Group Policy Objects (GPO).

Ransomware 98

Ransomware Cybercrime VPN Education 98

Security Boulevard

FEBRUARY 11, 2021

Most companies were unprepared to secure an entirely remote workforce, relying on remote desktop protocol (RDP) and strained VPN infrastructures, leaving workers ripe for attack. Ransomware was particularly successful, with estimates that attacks cost businesses $20 billion worldwide in 2020.

Ransomware 52

Ransomware Backups VPN Security Defenses 52

eSecurity Planet

AUGUST 28, 2023

August 24, 2023 Akira ransomware targeting Cisco, but MFA helps Akira ransomware groups have been exploiting Cisco’s virtual private network ( VPN ) tools. Sophos researchers first flagged this in May, and another researcher later noted that multiple other Cisco VPN instances had been compromised.

VPN 98

VPN Authentication Mobile Firewall 98

eSecurity Planet

AUGUST 28, 2023

August 24, 2023 Akira ransomware targeting Cisco, but MFA helps Akira ransomware groups have been exploiting Cisco’s virtual private network ( VPN ) tools. Sophos researchers first flagged this in May, and another researcher later noted that multiple other Cisco VPN instances had been compromised.

VPN 95

VPN Authentication Mobile Firewall 95

eSecurity Planet

MAY 2, 2024

Fortunately, vendor surveys identify five key cybersecurity threats to watch for in 2024: compromised credentials, attacks on infrastructure, organized and advanced adversaries, ransomware, and uncontrolled devices. No specific tool exists to defend specifically against nation state attacks, ransomware gangs, or hacktivists.

Cybersecurity 122

Cybersecurity DDOS Penetration Testing Passwords 122

eSecurity Planet

AUGUST 21, 2023

Note that not all of these venues are inherently or perfectly secure — they have vulnerabilities and require additional protective measures. Even VPN, while marketed as a security tool, has weaknesses of its own. Why Is Securing Access for Remote Workers So Important? Read more about the different types of remote access.

VPN 98

VPN Passwords Software Technology 98

eSecurity Planet

MARCH 19, 2024

March 8, 2024 150,000 Fortinet Secure Web Gateways Remain Exposed Type of vulnerability: Arbitrary code execution (ACE). The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website.

Authentication 121

Authentication VPN Software DDOS 121

eSecurity Planet

OCTOBER 10, 2024

Unlike traditional antivirus programs, which primarily focus on viruses, anti-malware solutions address a wider array of threats, including spyware, adware, ransomware, and trojans. While primarily focused on Mac security, it may lack some extensive features in more comprehensive suites like VPN services.

Software 63

Software Malware Antivirus Spyware 63

eSecurity Planet

JULY 15, 2024

GitLab disclosed a pipeline flaw and Veeam addressed flaws exploited in active ransomware attacks. To reduce the risks caused by these vulnerabilities, affected users should apply patches, upgrade software, and strengthen security measures as soon as possible. Palo Alto patched an admin takeover bug.

Authentication 110

Authentication Backups Software Risk 110

eSecurity Planet

SEPTEMBER 24, 2024

5 PC Matic is an endpoint and application security provider for basic antivirus and device protection. It offers features like virtual private network (VPN) security for Wi-Fi, ad blocking, and endpoint scans. The 360 Deluxe plan supports five and offers features like ransomware protection and dark web monitoring.

Antivirus 63

Antivirus VPN Firewall Password Management 63

eSecurity Planet

FEBRUARY 16, 2024

In November 2021, the FBI disclosed a FatPipe VPN exploit that enabled backdoor access via web shells. Analysts and security software frequently struggle to spot malicious activity disguised as normal ones, complicating intrusion detection and mitigation efforts. Want to strengthen your organization’s digital defenses?

Internet 115

Internet Internet Network Security Cybersecurity 115

SiteLock

AUGUST 27, 2021

That same employee might not think twice before opening an attachment in an email that appears to come from their manager, only to learn the attachment contained ransomware when it’s too late. Remind your employees of security best practices.

Security Awareness 98

Security Awareness Passwords Phishing Scams 98

eSecurity Planet

DECEMBER 7, 2023

The algorithm allows for variable key sizes and variable rounds to increase randomness and security. AES encryption can be commonly found in communication protocols, virtual private network (VPN) encryption, full-disk encryption, and Wi-Fi transmission protocols. It was updated by Chad Kime on December 7, 2023.

Encryption 115

Encryption Passwords IoT Firewall 115

eSecurity Planet

AUGUST 13, 2021

As the demand for robust security defense grows by the day, the market for cybersecurity technology has exploded, as well as the number of available solutions. Between high-profile ransomware attacks and mergers, it is a time of high stakes and great change for the industry. Cisco (CSCO) is a perennial favorite on this list.

Cybersecurity 145

Cybersecurity Firewall Marketing Encryption 145

eSecurity Planet

MARCH 17, 2023

Rootkit Scanning and Removal Product Guide 5 Best Rootkit Scanners and Removers: Anti-Rootkit Tools Virtual Private Network (VPN) Virtual private networks (VPNs) have long been used to protect and regulate user traffic for private networks on public channels.

Network Security 121

Network Security Penetration Testing Firewall Software 121

Security Boulevard

JULY 29, 2021

James Coote | Senior Consultant, F-Secure Consulting. Alfie Champion | Senior Consultant, F-Secure Consulting. Tracks : Network Security, Defense. FROM ZERO TO FULL DOMAIN ADMIN – Tracking the digital footprint of a ransomware attack—a real-world incident. Have fun and stay safe!

CISO 40

CISO Risk VPN Backups 40

eSecurity Planet

APRIL 26, 2024

Virtual private networks (VPNs): Secure remote user or branch office access to network resources through encrypted connections to firewalls or server applications. Virtual desktop infrastructure (VDI): Replaces VPN or remote desktop access with virtual desktops in fully controlled environments with additional protections.

Architecture 121

Architecture Network Security Firewall Risk 121

eSecurity Planet

MARCH 4, 2024

State actors actively attack Ivanti, Ubiquity, and Microsoft’s Windows AppLocker, and ransomware attackers probe for unpatched ScreenConnect servers in this week’s vulnerability recap. February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal.

IoT 118

IoT Internet Internet Ransomware 118