Security Affairs

NOVEMBER 25, 2024

Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls. Zyxel warns that a ransomware gang has been observed exploiting a recently patched command injection vulnerability, tracked as CVE-2024-42057, in its firewalls for initial compromise.

Firewall 73

Firewall Ransomware VPN Firmware 73

Security Affairs

MARCH 14, 2025

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. Between January and March, researchers at Forescout Research Vedere Labs observed a threat actors exploiting two Fortinet vulnerabilities to deploy the SuperBlack ransomware. ” reads the report.

Firewall 65

Firewall Ransomware VPN Encryption 65

Bleeping Computer

JANUARY 18, 2022

Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors. [.].

VPN 143

VPN Ransomware Malware 143

Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software.

Backups 129

Backups VPN Ransomware Authentication 129

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes. The GandCrab identity on Exploit[.]in

Ransomware 277

Ransomware Accountability Cybercrime Passwords 277

Security Affairs

SEPTEMBER 29, 2021

CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions.

VPN 144

VPN Government Firmware Authentication 144

Security Affairs

AUGUST 22, 2023

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate.

VPN 98

VPN Ransomware Hacking Education 98

The Hacker News

JANUARY 18, 2022

VPNLab.net, a VPN provider that was used by malicious actors to deploy ransomware and facilitate other cybercrimes, was taken offline following a coordinated law enforcement operation.

VPN 129

VPN Cybercrime Ransomware 129

The Hacker News

AUGUST 23, 2024

The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints.

Ransomware 136

Ransomware VPN Cybersecurity 136

Troy Hunt

SEPTEMBER 18, 2020

More specifically, a lot of this week's update talks about VPNs and where they still make sense with so much HTTPS all over the place these days. As I say in the vid, blog posts like the VPN one I did this week are often done to help me get my thoughts on a topic straight and a lot of things became a lot clearer for me in doing that.

VPN 286

VPN IoT Passwords Ransomware 286

Security Affairs

OCTOBER 29, 2024

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access.

VPN 98

VPN Ransomware Firewall Internet 98

Krebs on Security

MARCH 2, 2022

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti , one of the more rapacious and ruthless ransomware gangs in operation today. – Penetration Testers/Hackers: Those on the front lines battling against corporate security teams to steal data, and plant ransomware.

Ransomware 237

Ransomware Antivirus Malware Cybercrime 237

Security Affairs

SEPTEMBER 8, 2023

A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. “This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features.

Ransomware 145

Ransomware VPN Authentication Hacking 145

Penetration Testing

JANUARY 24, 2024

The Danish Centre for Cyber Security (CFCS) is warning of increased ransomware activity, exploiting CVE-2023-20269, a vulnerability that affects the VPN feature in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD)... The post Denmark’s CFCS Raises Alarm on Ransomware Exploiting Cisco VPN Flaw CVE-2023-20269 (..)

VPN 99

VPN Penetration Testing Ransomware 99

Malwarebytes

JANUARY 9, 2025

Analyzed by researchers at Extension Total, the cybercriminal campaign has managed to take over the accounts of at least 36 Google Chrome extensions that provide AI and VPN services. million people.

Malware 121

Malware Small Business Artificial Intelligence VPN 121

Adam Levin

DECEMBER 16, 2020

Here are 12 New Year Resolutions for a safer and more secure digital you in 2021: Think before you click that email link: 2020 was a record-breaking year for ransomware, malware, and phishing , and many, if not most of these attacks were launched with the click on a link in an email. That’s always the case when it comes to cybersecurity.

VPN 245

VPN Antivirus Passwords Backups 245

The Hacker News

MAY 8, 2023

Cybersecurity researchers have shed light on a new ransomware strain called CACTUS that has been found to leverage known flaws in VPN appliances to obtain initial access to targeted networks.

VPN 103

VPN Ransomware Accountability Cybersecurity 103

Tech Republic Security

OCTOBER 13, 2021

A ransomware kit costs as little as $66, though it needs to be modified, while a spearphishing attack can run as low as $100, says Altas VPN.

Cybercrime 218

Cybercrime VPN Ransomware 218

Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Experts also spotted a tainted version of the Psiphon tool, an open-source VPN software used to evade internet censorship. SecurityAffairs – hacking, ransomware).

VPN 140

VPN Internet Internet Software 140

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus 332

Antivirus VPN Encryption Malware 332

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 134

Ransomware Backups VPN Authentication 134

Security Affairs

AUGUST 31, 2023

Experts warn of ongoing credential stuffing and brute-force attacks targeting Cisco ASA (Adaptive Security Appliance) SSL VPNs. Cisco is aware of attacks conducted by Akira ransomware threat actors targeting Cisco ASA VPNs that are not configured for multi-factor authentication. ” reads a post published by Cisco PSIRT.

Authentication 136

Authentication Ransomware VPN Hacking 136

The Hacker News

OCTOBER 14, 2024

Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware. CVE-2024-40711, rated 9.8 out of 10.0

Ransomware 134

Ransomware VPN Backups Accountability 134

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. The other handle that appeared tied to Wazawaka was “Orange,” the founder of the RAMP ransomware forum. This post is an attempt to remedy that.

Ransomware 242

Ransomware VPN Cybercrime Accountability 242

Security Affairs

NOVEMBER 13, 2024

Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. The group also relies on customized versions of open-source tools for C2 communications and stay under the radar.

VPN 121

VPN Government Malware Manufacturing 121

Security Affairs

AUGUST 10, 2022

Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. yanluowang ransomware has posted #Cisco to its leaksite.

Ransomware 134

Ransomware Hacking VPN Phishing 134

Krebs on Security

JUNE 15, 2023

CISA’s mandate follows a slew of recent attacks wherein attackers exploited zero-day flaws in popular networking products to conduct ransomware and cyber espionage attacks on victim organizations. “This is reachable pre-authentication, on every SSL VPN appliance,” French vulnerability researcher Charles Fol tweeted.

Risk 265

Risk VPN Internet Internet 265

Krebs on Security

OCTOBER 8, 2020

One of the most common ways such access is monetized these days is through ransomware , which holds a victim’s data and/or computers hostage unless and until an extortion payment is made. In conducting research for this story, KrebsOnSecurity learned that Dr. Samuil is the handle used by the proprietor of multi-vpn[.]biz

Cybercrime 351

Cybercrime VPN Malware Ransomware 351

Krebs on Security

MARCH 20, 2020

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. Security experts at Palo Alto Networks said Thursday their sensors detected the new Mirai variant — dubbed Mukashi — on Mar.

IoT 282

IoT DDOS VPN Firewall 282

Bleeping Computer

SEPTEMBER 8, 2023

Cisco is warning of a CVE-2023-20269 zero-day vulnerability in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) that is actively exploited by ransomware operations to gain initial access to corporate networks. [.]

Ransomware 122

Ransomware VPN 122

CyberSecurity Insiders

AUGUST 6, 2021

Gangs spreading LockBit ransomware are reportedly bribing employees of corporate companies to enter their computer network and compromise it with file encrypting malware. ransomware spreading gang seems to go employing craze techniques to keep their money counters ringing. Yes, what you’ve read is right! As LockBit 2.0

Ransomware 144

Ransomware VPN Encryption Cryptocurrency 144

Security Affairs

MARCH 24, 2021

Security experts reported that a second ransomware gang, named Black Kingdom , is targeting Microsoft Exchange servers. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry. BlackKingdom ransomware on my personal servers. It does indeed encrypt files. Pierluigi Paganini.

Ransomware 144

Ransomware Encryption VPN Malware 144

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 121

Ransomware Backups VPN Authentication 121

Krebs on Security

NOVEMBER 21, 2024

Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page.

Identity Theft 251

Identity Theft Phishing Cryptocurrency Accountability 251

Javvad Malik

NOVEMBER 1, 2021

Drop them into a large enterprise that’s been crippled by ransomware, and they’ll get it up and running in an hour using some open source software, a few lines of code and one Raspberry Pi. I heard you should use a VPN when online, can you recommend one?”. “I I heard you should use a VPN when online, can you recommend one?”. “Ha!

VPN 133

VPN Wireless Marketing Accountability 133

Security Affairs

OCTOBER 11, 2024

Sophos reports ransomware operators are exploiting a critical code execution flaw in Veeam Backup & Replication. Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. ” concludes Sophos.

Backups 129

Backups Ransomware VPN Authentication 129

Security Affairs

JULY 18, 2021

BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL).

Ransomware 137

Ransomware Firmware Mobile InfoSec 137