Software and VPN - Cyber Security Informer

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN

VPN Authentication Ransomware Risk

China-linked actor’s malware DeepData exploits FortiClient VPN zero-day

Security Affairs

NOVEMBER 19, 2024

Chinese threat actors use custom post-exploitation toolkit ‘DeepData’ to exploit FortiClient VPN zero-day and steal credentials. Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. ” reads the advisory.

VPN

VPN Malware Spyware Passwords

Do you actually need a VPN? Your guide to staying safe online!

Webroot

NOVEMBER 21, 2024

So maybe you’ve heard of VPNs but aren’t actually sure what they are. Simply put, a VPN creates a safe, anonymous pathway for the data you send and receive over a Wi-Fi network, allowing you to browse anonymously and access content as if you were in a different location. Do you really need a VPN for personal use? Why use a VPN?

VPN

VPN Antivirus Internet Internet

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. Citrix’s letter was prompted by laws in virtually all U.S.

VPN

VPN Passwords Software Telecommunications

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. government, they were unaware,” Leatherman said.

VPN

VPN Government Cybercrime Internet

Surfshark VPN Review (2023): Features, Pricing, and More

Tech Republic Security

JUNE 30, 2023

TechRepublic's review of VPN software Surfshark looks at pricing, features and pros and cons of the product. The post Surfshark VPN Review (2023): Features, Pricing, and More appeared first on TechRepublic.

VPN

VPN Software Cybersecurity

Vulnerability in Popular VPN Software Could Lead to Crashes and Service Disruptions

Penetration Testing

APRIL 15, 2024

A newly discovered vulnerability in Libreswan, a widely used open-source VPN (Virtual Private Network) software, could leave systems open to crashes and potential denial of service attacks, say researchers.

VPN

VPN Software Penetration Testing Risk

More Than Two Million Stolen VPN Passwords Discovered

Security Boulevard

SEPTEMBER 20, 2024

million stolen VPN passwords have been compromised by malware in the past year, highlighting a growing risk for unauthorized access to secure networks, according to a Specops Software report. The post More Than Two Million Stolen VPN Passwords Discovered appeared first on Security Boulevard. More than 2.1

VPN

VPN Passwords Malware Software

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. .

VPN

VPN Computers and Electronics Antivirus Software

Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack

The Hacker News

SEPTEMBER 3, 2024

A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.

VPN

VPN Software Malware Engineering

20 VPN subscriptions and bundles on sale now

Tech Republic Security

JULY 13, 2022

Keep your internet connection behind lock and key with these 20 VPN subscriptions and bundles offered through TechRepublic Academy. The post 20 VPN subscriptions and bundles on sale now appeared first on TechRepublic.

VPN

VPN Internet Internet Software

MY TAKE: Surfshark boosts ‘DIY security’ with its rollout of VPN-supplied antivirus protection

The Last Watchdog

SEPTEMBER 13, 2021

Thus, Surfshark has just become the first VPN provider to launch an antivirus solution as part of its all-in-one security bundle Surfshark One. This development is part and parcel of rising the trend of VPN providers hustling to deliver innovative “DIY security” services into the hands of individual consumers.

Antivirus

Antivirus VPN Marketing Digital transformation

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

Veeam Backup & Replication is a comprehensive data protection and disaster recovery software developed by Veeam. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. Some of these VPNs were running unsupported software versions.”

Backups

Backups VPN Ransomware Authentication

The top 6 enterprise VPN solutions to use in 2023

Tech Republic Security

MAY 16, 2023

Enterprise VPNs are critical for connecting remote workers to company resources via reliable and secure links to foster communication and productivity. The post The top 6 enterprise VPN solutions to use in 2023 appeared first on TechRepublic. Read about six viable choices for businesses.

VPN

VPN Software

ProtonVPN vs. AtlasVPN (2023): Which VPN Should You Use?

Tech Republic Security

SEPTEMBER 26, 2023

Which VPN is better, ProtonVPN or AtlasVPN? Read our in-depth comparison to decide which one fits you in terms of pricing, key features and more.

VPN

VPN Software Network Security

This lifetime VPN for $40 can protect all of your devices

Tech Republic Security

MARCH 24, 2022

Stay safe while browsing with a VPN that goes with you and all your internet-connected electronics. The post This lifetime VPN for $40 can protect all of your devices appeared first on TechRepublic. Get a lifetime subscription on sale now.

VPN

VPN Internet Internet Software

Work smarter and safer from anywhere with Getflix VPN

Tech Republic Security

JUNE 8, 2022

Getflix Smart DNS & VPN has you covered. The post Work smarter and safer from anywhere with Getflix VPN appeared first on TechRepublic. Need to be able to work from anywhere without compromising on security or speed?

VPN

VPN DNS Software Network Security

Norton vs McAfee: Compare Antivirus Software 2025

eSecurity Planet

NOVEMBER 12, 2024

Aside from antivirus, Norton offers ransomware and hacking protection, privacy monitoring, and a VPN. Norton has multiple training videos and help articles for using the software, and it offers phone, email, and chat options for customer support. McAfee Essential offers web browsing protection, VPN, and identity monitoring.

Antivirus

Antivirus Software Identity Theft VPN

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Krebs on Security

AUGUST 21, 2020

The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic. authenticate the phone call before sensitive information can be discussed.

VPN

VPN Social Engineering Authentication Engineering

How to install the NordLayer VPN client on Linux and connect it to a virtual network

Tech Republic Security

MAY 4, 2022

If you're looking to employ a solid VPN service for remote workers, NordLayer VPN is an outstanding option. The post How to install the NordLayer VPN client on Linux and connect it to a virtual network appeared first on TechRepublic. Find out how to install and use the client on both Ubuntu Desktop and Fedora 36.

VPN

VPN Software

Don’t browse on public Wi-Fi without a VPN

Tech Republic Security

FEBRUARY 17, 2022

Whether you're a business or a private individual, you need a VPN. The post Don’t browse on public Wi-Fi without a VPN appeared first on TechRepublic. Cybersecurity is critical in today's online world. Try this one while it's on sale.

VPN

VPN Cybersecurity Software

Best Anti-Pharming Software For 2025

SecureBlitz

MARCH 12, 2025

Are you looking for the best anti-pharming software? Therefore, using reliable anti-pharming software is the best way to prevent this. The term pharming comes from combining two words: phishing because […] The post Best Anti-Pharming Software For 2025 appeared first on SecureBlitz Cybersecurity.

Software

Software Phishing Cybersecurity Antivirus

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN Tools

eSecurity Planet

MARCH 10, 2025

Over 2,000 users have been infected through seemingly harmless archives and installation instructions that urge victims to disable their security software, exposing their systems to persistent, hidden threats. Educating employees about the dangers of disabling security software and scrutinizing unsolicited installation instructions is vital.

VPN

VPN Antivirus Cryptocurrency Malware

Work-from-Home Security Advice

Schneier on Security

MARCH 19, 2020

If the organization is lucky, they will have already set up a VPN for remote access. Handing people VPN software to install and use with zero training is a recipe for security mistakes, but not using a VPN is even worse. Three, employees are more likely to access their organizational networks insecurely.

VPN

VPN Network Security Accountability Hacking

A zero-day in Atlas VPN Linux Client leaks users’ IP address

Security Affairs

SEPTEMBER 6, 2023

Experts warn of an Atlas VPN zero-day flaw impacting the Linux client that can reveal the user’s IP address by visiting a website. A Reddit user with the handle ‘Educational-Map-8145’ published a proof of concept exploit for a zero-day flaw in the Linux client of Atlas VPN.

VPN

VPN Education Authentication Engineering

The top 6 enterprise VPN solutions to use in 2023

Tech Republic Security

MAY 24, 2023

Enterprise VPNs are critical for connecting remote workers to company resources via reliable and secure links to foster communication and productivity. The post The top 6 enterprise VPN solutions to use in 2023 appeared first on TechRepublic. Read about six viable choices for businesses.

VPN

VPN Software

Adventures in Contacting the Russian FSB

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus

Antivirus VPN Encryption Malware

Enjoy greater online freedom with Atlas VPN

Tech Republic Security

MAY 26, 2022

The post Enjoy greater online freedom with Atlas VPN appeared first on TechRepublic. Protect yourself online with this two-year subscription to the Atlas virtual private network.

VPN

VPN Software Network Security

Get a lifetime of VPN protection for just $60

Tech Republic Security

SEPTEMBER 19, 2022

The post Get a lifetime of VPN protection for just $60 appeared first on TechRepublic. Grab a special deal on the secure Ivacy virtual private network and NAT firewall today.

VPN

VPN Firewall Software Network Security

Free VPN apps on Google Play turned Android phones into proxies

Bleeping Computer

MARCH 26, 2024

Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices into unwitting residential proxies, likely used for cybercrime and shopping bots. [.]

VPN

VPN Cybercrime Software Mobile

North Korean hackers exploit VPN update flaw to install malware

Bleeping Computer

AUGUST 5, 2024

South Korea's National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN's software update to deploy malware and breach networks. [.]

VPN

VPN Malware Software

U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 25, 2024

is a Denial of Service (DoS) issue that impacts the Remote Access VPN (RAVPN) service of ASA and FTD. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. Services that are not related to VPN are not affected.” in the open-source Roundcube webmail software.

VPN

VPN Firewall Technology Passwords

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client

The Hacker News

MARCH 8, 2024

Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user.

VPN

VPN Software

NordLayer makes it easy for businesses to add VPN technology to remote workers

Tech Republic Security

MAY 26, 2022

Your enterprise needs a VPN. The post NordLayer makes it easy for businesses to add VPN technology to remote workers appeared first on TechRepublic. Consider NordLayer as your solution.

VPN

VPN Technology Software Network Security

Free VPN apps turn Android phones into criminal proxies

Malwarebytes

APRIL 1, 2024

Researchers at HUMAN’s Satori Threat Intelligence have discovered a disturbing number of VPN apps that turn users’ devices into proxies for cybercriminals without their knowledge, as part of a camapign called PROXYLIB. Keep your online privacy yours by using Malwarebytes Privacy VPN.

VPN

VPN Advertising Mobile Marketing

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing

Phishing VPN Social Engineering Media

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Krebs on Security

MAY 28, 2024

911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.

VPN

VPN Banking Cybercrime Internet

Multiple malware used in attacks exploiting Ivanti VPN flaws

Security Affairs

FEBRUARY 1, 2024

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN

VPN Malware Authentication Hacking

Should You Always Use a VPN?

Identity IQ

OCTOBER 17, 2023

Should You Always Use a VPN? IdentityIQ Using a virtual private network (VPN) can help keep you safe and anonymous online. It’s a good idea to always keep your VPN active for maximum protection, but there are certain scenarios when you might need to temporarily shut it off. Here’s what you need to know about VPNs.

VPN

VPN Identity Theft Internet Internet

Cybersecurity During COVID-19

Schneier on Security

APRIL 7, 2020

If the organization is lucky, they will have already set up a VPN for remote access. Handing people VPN software to install and use with zero training is a recipe for security mistakes, but not using a VPN is even worse. Employees using unfamiliar software will get settings wrong and leave themselves open to breaches.

Cybersecurity

Cybersecurity VPN Scams Phishing

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

. “Investigations into RedLine and Meta started after victims came forward and a security company notified authorities about possible servers in the Netherlands linked to the software. Update software : Keep your operating system, security software, and firewall up to date to patch vulnerabilities.

Identity Theft

Identity Theft Passwords Malware Banking

How Does a VPN Work? A Comprehensive Beginner’s Overview

eSecurity Planet

AUGUST 27, 2024

A virtual private network (VPN) does more than just mask your identity—it fundamentally changes how your data moves across the internet. But what’s really going on under the hood when you browse the web using a VPN? Step 3: Data Transmission to the VPN Server The encrypted data is then transmitted to the VPN server.

VPN

VPN Encryption Internet Internet

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Security Affairs

MARCH 10, 2025

Moonstone Sleet threat actors target financial and cyberespionage victims using trojanized software, custom malware, malicious games, and fake companies like StarGlow Ventures and C.C. Additionally, they attempt to infiltrate organizations by posing as software developers seeking employment.

Ransomware

Ransomware VPN Healthcare Malware

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN

VPN Firewall Accountability Cybersecurity

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

China-linked actor’s malware DeepData exploits FortiClient VPN zero-day

Webinars

Trending Sources

Do you actually need a VPN? Your guide to staying safe online!

Webinars

Hackers Were Inside Citrix for Five Months

Is Your Computer Part of ‘The Largest Botnet Ever?’

Surfshark VPN Review (2023): Features, Pricing, and More

Vulnerability in Popular VPN Software Could Lead to Crashes and Service Disruptions

More Than Two Million Stolen VPN Passwords Discovered

A Deep Dive Into the Residential Proxy Service ‘911’

Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack

20 VPN subscriptions and bundles on sale now

MY TAKE: Surfshark boosts ‘DIY security’ with its rollout of VPN-supplied antivirus protection

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

The top 6 enterprise VPN solutions to use in 2023

ProtonVPN vs. AtlasVPN (2023): Which VPN Should You Use?

This lifetime VPN for $40 can protect all of your devices

Work smarter and safer from anywhere with Getflix VPN

Norton vs McAfee: Compare Antivirus Software 2025

FBI, CISA Echo Warnings on ‘Vishing’ Threat

How to install the NordLayer VPN client on Linux and connect it to a virtual network

Don’t browse on public Wi-Fi without a VPN

Best Anti-Pharming Software For 2025

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN Tools

Work-from-Home Security Advice

A zero-day in Atlas VPN Linux Client leaks users’ IP address

The top 6 enterprise VPN solutions to use in 2023

Adventures in Contacting the Russian FSB

Enjoy greater online freedom with Atlas VPN

Get a lifetime of VPN protection for just $60

Free VPN apps on Google Play turned Android phones into proxies

North Korean hackers exploit VPN update flaw to install malware

U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client

NordLayer makes it easy for businesses to add VPN technology to remote workers

Free VPN apps turn Android phones into criminal proxies

Voice Phishers Targeting Corporate VPNs

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Multiple malware used in attacks exploiting Ivanti VPN flaws

Should You Always Use a VPN?

Cybersecurity During COVID-19

International law enforcement operation dismantled RedLine and Meta infostealers

How Does a VPN Work? A Comprehensive Beginner’s Overview

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Stay Connected