Thales Cloud Protection & Licensing

FEBRUARY 7, 2019

In the event a traveler does need to get online, using a virtual private network (VPN) service is a smart way to shield online behavior from potential hackers or snoops. While it may be tempting to log on to free wi-fi and avoid roaming data charges, an innocent looking network name can really be a hostile one in disguise.

Encryption 70

Encryption Digital transformation Data breaches Risk 70

Thales Cloud Protection & Licensing

APRIL 20, 2021

The FBI’s Cyber Division received as many as 4,000 complaints of digital attacks a day in H1 2020, reported by The Hill. Meanwhile, Verizon found in its MSI 2021 that less than half (47%) of respondents with a VPN installed on their devices activated it. That’s a 400% increase compared to what investigators saw prior to the pandemic.

Mobile 71

Mobile Architecture Data breaches Authentication 71

Security Boulevard

DECEMBER 6, 2024

Thats according to Corvus Insurances Q3 2024 Cyber Threat Report , which said many of the ransomware attacks in Q3 leveraged outdated VPN software and poorly protected VPN gateways.

Cybersecurity 64

Cybersecurity VPN Ransomware Software 64

Digital Shadows

APRIL 8, 2025

Initial Access via VPN Brute-Forcing Up 21.3% Figure 1: Top MITRE ATT&CK initial access techniques in true-positive incidents (% of total) during reporting period During the reporting period, initial access attempts targeting external remote services like VPNs 1 , RDP, and virtual desktop infrastructure (VDI) surged by 21.3%

Cyber Attacks 66

Cyber Attacks Phishing Ransomware Accountability 66

BH Consulting

OCTOBER 12, 2021

ESET’s latest threat report (PDF) tracked a 103.9 MORE Consumers beware: VPN industry consolidation might not be good news. MORE How to choose a VPN and deploy it securely, from the US NSA and CISA. RDP is one of the main attack vectors that ransomware gangs are using to infiltrate organisations.

VPN 52

VPN Ransomware InfoSec Scams 52

Security Affairs

JANUARY 27, 2020

To access their servers for stolen data collection and their JS-sniffers’ control, they always used VPN to hide their real location and identity. According to Group-IB’s annual 2019 threat report, the number of compromised cards uploaded to underground forums increased from 27.1 million to 43.8 million.

Cybercrime 102

Cybercrime Marketing eCommerce Advertising 102

eSecurity Planet

MAY 2, 2024

CrowdStrike: Observes the top attack vector in 2023 and predicts 2024’s targets: Unmanaged network appliances (edge gateway, firewall, virtual private network/VPN) remain the most observed initial access vector exploited in 2023. 20% of employee time is spent on company networks.

Cybersecurity 121

Cybersecurity DDOS Penetration Testing Passwords 121

Thales Cloud Protection & Licensing

MARCH 30, 2022

VPN Protection. Ensure that access to VPNs is always protected by multi-factor authentication (MFA). In the current threat environment all apps and users, especially cloud services are valid targets. Even the strongest passwords can be compromised. Apply MFA to the network logon. MFA should be enabled for ALL users.

Authentication 54

Authentication CISO VPN Threat Reports 54

SecureList

SEPTEMBER 6, 2022

Its main stealer functionality involves extracting data such as passwords, cookies, card details, and autofill data from browsers, cryptocurrency wallet secrets, credentials for VPN services, etc. The stolen information is then sent to a remote C&C server controlled by the attackers, who later drain victims’ accounts.

Mobile 133

Mobile Passwords Software Accountability 133

McAfee

JULY 29, 2021

The distributed workforce has expanded the threat landscape at an alarming rate. According to the latest McAfee Labs Threats Reports, the volume of malware threats observed by McAfee Labs averaged 688 threats per minute, an increase of 40 threats per minute (3%) in the first quarter of 2021.

Firewall 72

Firewall Malware Threat Detection Engineering 72

SecureList

NOVEMBER 1, 2022

It provides victims with a VPN connection that can be used to browse these resources. We have been tracking this threat actor for several years and previously published an APT threat report describing its malicious operations. SandStrike is distributed as a means to access resources about the Bahá?í

Malware 145

Malware Ransomware Spyware Encryption 145

SecureList

APRIL 27, 2021

The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). Our report, available to subscribers of our APT threat reports, includes discussion of both the passive-listener payload and the loader functionality included in the main module.

Malware 145

Malware Government Spyware Social Engineering 145

SecureWorld News

FEBRUARY 9, 2024

Gartner has projected that by 2025, more than 60% of organizations will move away from VPN and rely on ZTNA. RELATED: Death of the VPN: A Security Eulogy ] VPNs have notably higher operating costs and lower scalability when using device-based architecture. In this case, CISOs must manage the risks due to the technology debt.

IoT 109

IoT VPN Architecture Risk 109

McAfee

MAY 10, 2021

Look into using a virtual private network (VPN). A VPN can provide bank-grade encryption that protects your data while you shop, bank, or simply surf online when connected to public Wi-Fi. . Be cautious when connecting to public Wi-Fi while on vacation and make sure the Wi-Fi is secure and attached to a trusted source.

Internet 108

Internet Internet Banking VPN 108