Tag: vpn
-
Akira and Lynx Ransomware Target MSPs Using Stolen Credentials and Exploited Vulnerabilities
Tags: breach, credentials, cyber, data, defense, exploit, extortion, group, msp, ransomware, service, threat, vpn, vulnerabilityThe Acronis Threat Research Unit (TRU) dissected recent samples from the Akira and Lynx ransomware families, revealing incremental enhancements in their ransomware-as-a-service (RaaS) models and double-extortion strategies. Both groups leverage stolen credentials, VPN vulnerabilities, reconnaissance, privilege escalation, defense evasion, and data exfiltration to infiltrate systems, primarily targeting small and medium-sized businesses (SMBs) with recycled yet…
-
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google’s official app storefronts under the guise of seemingly useful applications.These apps masquerade as VPNs, device “monitoring” apps, RAM cleaners, dating services, and spam blockers, DNS threat intelligence firm Infoblox said in…
-
Cyberangriffe kennen keine Ferienzeiten
Sommerzeit ist Reisezeit aber während viele Menschen ihre wohlverdiente Auszeit genießen, laufen Cyberkriminelle zur Hochform auf. Ein Smartphone, das unbeaufsichtigt am Hotelpool liegt, ist nicht nur ein physisches Sicherheitsrisiko. Viel häufiger nutzen Angreifer die digitale Sorglosigkeit aus: Offene WLAN-Netze, deaktivierte VPN-Verbindungen oder veraltete Sicherheitsupdates bieten ideale Angriffspunkte. Besonders beliebt sind Man-in-the-Middle-Attacken, bei denen Daten […]…
-
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported
SonicWall said it’s actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware actors in late July 2025.”Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents involving Gen 7 SonicWall firewalls where SSLVPN is enabled,”…
-
SonicWall urges customers to take VPN devices offline after ransomware campaign
Multiple cybersecurity incident response firms are warning about the possibility that a zero-day vulnerability in some SonicWall devices is allowing ransomware attacks. First seen on therecord.media Jump to article: therecord.media/sonicwall-possible-zero-day-gen-7-firewalls-ssl-vpn
-
SonicWall VPN Attacks: Five Key Things To Know
Security researchers are reporting active exploitation of a “likely” zero-day vulnerability affecting SonicWall VPN devices. First seen on crn.com Jump to article: www.crn.com/news/security/2025/sonicwall-vpn-attacks-5-key-things-to-know
-
Akira Ramps Up Assault on SonicWall Firewalls, Suggesting Zero-Day
An uptick of ransomware activity by the group in late July that uses the vendor’s SSL VPN devices for initial intrusion shows evidence of an as-yet-undisclosed flaw under exploitation. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/akira-sonicwall-firewalls-zero-day
-
Uptick in Akira Ransomware Actors Targeting SonicWall VPNs
Arctic Wolf has spotted an increase in Akira ransomware attacks targeting SonicWall SSL VPNs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uptick-akira-ransomware-actors/
-
Aktivitäten mit Fokus auf Sonicwall-SSL-VPNs der Ransomware Akira nehmen zu
Ende Juli 2025 hat Arctic Wolf eine Zunahme von Ransomware-Aktivitäten festgestellt, bei denen Sonicwall-Firewall-Geräte als Einstiegsstellen genutzt wurden. In den analysierten Fällen wurden innerhalb kurzer Zeit mehrere sogenannte ‘Pre-Ransomware”-Intrusionen mit Zugang über Sonicwall-SSL-VPNs durchgeführt. Obwohl Angriffe auf Basis kompromittierter Zugangsdaten nicht in allen Fällen ausgeschlossen werden können, deuten die vorliegenden Hinweise auf eine Zero-Day-Schwachstelle in…
-
Aktivitäten mit Fokus auf Sonicwall-SSL-VPNs der Ransomware Akira nehmen zu
Ende Juli 2025 hat Arctic Wolf eine Zunahme von Ransomware-Aktivitäten festgestellt, bei denen Sonicwall-Firewall-Geräte als Einstiegsstellen genutzt wurden. In den analysierten Fällen wurden innerhalb kurzer Zeit mehrere sogenannte ‘Pre-Ransomware”-Intrusionen mit Zugang über Sonicwall-SSL-VPNs durchgeführt. Obwohl Angriffe auf Basis kompromittierter Zugangsdaten nicht in allen Fällen ausgeschlossen werden können, deuten die vorliegenden Hinweise auf eine Zero-Day-Schwachstelle in…
-
âš¡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More
Malware isn’t just trying to hide anymore”, it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just…
-
Akira Ransomware targets SonicWall VPNs in likely zero-day attacks
Akira ransomware targets fully patched SonicWall VPNs in suspected zero-day attacks, with multiple intrusions seen in late July 2025. Arctic Wolf Labs researchers reported that Akira ransomware is exploiting SonicWall SSL VPNs in a likely zero-day attack, targeting even fully patched devices. Arctic Wolf Labs observed multiple intrusions via VPN access in late July 2025.…
-
Akira Ransomware Exploits 0-Day Vulnerability in SonicWall Firewall Devices
Tags: access, attack, cyber, cybersecurity, exploit, firewall, ransomware, vpn, vulnerability, zero-dayCybersecurity firm Arctic Wolf has identified a significant increase in ransomware attacks targeting SonicWall firewall devices in late July 2025, with evidence pointing to the exploitation of a previously unknown zero-day vulnerability. The company’s investigation revealed multiple coordinated attacks using SonicWall SSL VPNs as the initial access point, raising serious concerns about the security of…
-
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025.”In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs,” Arctic Wolf Labs researcher Julian Tuin said in…
-
Sicherheitsvorfälle: Zugriffe durch Dritte werden zur Achillesferse
In nahezu jedem fünften Datenschutzvorfall der letzten Jahre waren dritte Parteien involviert. Das reicht von geteilten VPN-Zugängen über fehlende Segmentierung bis hin zu keiner Echtzeitüberwachung von Zugriffen. Insbesondere in der Fertigungsindustrie, wo externe Verbindungen zu Dienstleistern, Lieferanten und Partnern zum … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/02/sicherheitsvorfaelle-zugriffe-durch-dritte-werden-zur-achillesferse/
-
Summer: Why cybersecurity must be strengthened as vacations abound
Tags: access, ai, attack, authentication, automation, awareness, backup, control, corporate, credentials, cybersecurity, data, detection, email, encryption, exploit, infrastructure, malicious, mfa, monitoring, network, office, password, resilience, risk, theft, threat, tool, training, update, usa, vpn, wifiGuillermo Fernandez, Sales Engineer for Southern Europe at WatchGuard Technologies. WatchGuard Technologies.Another important point is that, during the summer, attackers know that many IT and cybersecurity teams are operating with more limited resources or with staff on vacation. “They take advantage of this to launch phishing campaigns and other targeted attacks, aware that attention and vigilance often…
-
Ransomware gang tells Ingram Micro, ‘Pay up by August 1’
Tags: access, attack, backup, breach, cyber, cyberattack, data, data-breach, encryption, exploit, extortion, government, group, international, Internet, law, leak, organized, ransom, ransomware, technology, tool, vpn, vulnerabilityRansomware attacks increase: In a report on ransomware released this week, researchers at Zscaler ThreatLabz said the number of organizations listed on all ransomware leak sites rose 70% in the 12 month period ending in April.A growing number of ransomware operators are abandoning encryption of data in favour of just data extortion, it noted. For…
-
SonicWall Urges Patch After 3 Major VPN Vulnerabilities Disclosed
watchTowr’s latest research details critical SonicWall SMA100 flaws (CVE-2025-40596, 40597, 40598). Discover how pre-auth stack/heap overflows and XSS put SSL-VPNs at risk. Patch now! First seen on hackread.com Jump to article: hackread.com/sonicwall-patch-after-3-vpn-vulnerabilities-disclosed/
-
Applying Tenable’s Risk-based Vulnerability Management to the Australian Cyber Security Centre’s Essential Eight
Tags: ai, attack, breach, business, cloud, compliance, container, control, cvss, cyber, cybersecurity, data, data-breach, defense, endpoint, finance, firewall, framework, google, government, identity, incident response, infrastructure, intelligence, Internet, microsoft, mitigation, network, ransomware, risk, service, software, strategy, technology, threat, tool, update, vpn, vulnerability, vulnerability-management, windows, zero-dayLearn how Thales Cyber Services uses Tenable to help customers navigate the maturity levels of the Essential Eight, enabling vulnerability management and staying ahead of cyber threats. In today’s fast-moving digital world, cyber threats are more advanced and relentless than ever. A single security breach can mean financial loss, reputational damage and operational chaos. That’s…
-
NordVPN Rolls Out Scam Call Protection for Android Users in the US
NordVPN’s new Scam Call Protection alerts US Android users of suspicious calls, helping prevent fraud, no separate app or VPN connection needed. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/nordvpn-scam-call-protection-android/
-
VPN Use Surges as UK Online Safety Act Takes Effect
New UK Law Requiring Age-Verification Measures on Porn Sites Causes VPN Use to Soar. Free virtual private network services are soaring to the top of the app charts in the United Kingdom after a new law went into effect Friday requiring platforms that contain adult content – including sites like X and Reddit – to…
-
Altersabfrage im Internet: Sprunghafter Anstieg von VPN-Nutzung in Großbritannien
Dass Nutzer vermehrt VPN-Verbindungen verwenden, war bisher in jedem Land zu sehen, das Inhaltsbeschränkungen im Internet durchsetzte. First seen on golem.de Jump to article: www.golem.de/news/altersabfrage-im-internet-sprunghafter-anstieg-von-vpn-nutzung-in-grossbritannien-2507-198629.html
-
Researchers Reveal Technical Details of SonicWall SMA100 Series N-Day Vulnerabilities
Tags: authentication, awareness, cyber, firmware, flaw, network, programming, remote-code-execution, vpn, vulnerabilitySecurity researchers have disclosed technical details of three previously patched vulnerabilities affecting SonicWall’s SMA100 series SSL-VPN appliances, highlighting concerning pre-authentication security flaws that could have enabled remote code execution and cross-site scripting attacks. The vulnerabilities, all confirmed against firmware version 10.2.1.15, underscore persistent challenges in network appliance security despite decades of awareness around common programming…
-
Age Verification Laws Send VPN Use Soaring”, and Threaten the Open Internet
A law requiring UK internet users to verify their age to access adult content has led to a huge surge in VPN downloads”, and has experts worried about the future of free expression online. First seen on wired.com Jump to article: www.wired.com/story/vpn-use-spike-age-verification-laws-uk/
-
UK VPN demand soars after debut of Online Safety Act
1,400% jump in sign-ups as users try to avoid age verification checks when surfing adult sites First seen on theregister.com Jump to article: www.theregister.com/2025/07/28/uk_vpn_demand_soars/
-
AWS Client VPN for Windows Vulnerability Could Allow Privilege Escalation
Amazon Web Services has disclosed a critical security vulnerability in its Client VPN software for Windows that could allow non-administrative users to escalate their privileges to root-level access during the installation process. The vulnerability, tracked as CVE-2025-8069, affects multiple versions of the AWS Client VPN client and has been addressed in the latest software update.…
-
AWS Client VPN for Windows Vulnerability Could Allow Privilege Escalation
Amazon Web Services has disclosed a critical security vulnerability in its Client VPN software for Windows that could allow non-administrative users to escalate their privileges to root-level access during the installation process. The vulnerability, tracked as CVE-2025-8069, affects multiple versions of the AWS Client VPN client and has been addressed in the latest software update.…
-
Debug Code in ExpressVPN Windows App Caused IP Leak via RDP Port
ExpressVPN has alerted users of a security issue in its Windows application that allowed certain Remote Desktop Protocol (RDP) traffic to bypass the VPN tunnel, potentially exposing users’ IP addresses. This vulnerability primarily affected TCP traffic routed over port 3389, the standard port for RDP connections, which are often used in enterprise environments rather than…