Collecting Cyber-News from over 60 sources

Tag: vpn

SonicWall SSLVPN Targeted After Hackers Breach All Customer Firewall Backups

Oct 13, 2025 8:23 AM

Tags: attack, backup, breach, credentials, cyber, cybersecurity, firewall, hacker, threat, vpn

Cybersecurity researchers at Huntress have detected a widespread attack campaign targeting SonicWall SSL VPN devices across multiple customer environments, with over 100 accounts compromised since early October. The attacks appear coordinated and sophisticated, with threat actors rapidly authenticating into multiple accounts using what appears to be valid credentials rather than brute-force techniques. Cyber breach alert…
SonicWall SSLVPN Targeted After Hackers Breach All Customer Firewall Backups

Oct 13, 2025 8:23 AM

Tags: attack, backup, breach, credentials, cyber, cybersecurity, firewall, hacker, threat, vpn

Cybersecurity researchers at Huntress have detected a widespread attack campaign targeting SonicWall SSL VPN devices across multiple customer environments, with over 100 accounts compromised since early October. The attacks appear coordinated and sophisticated, with threat actors rapidly authenticating into multiple accounts using what appears to be valid credentials rather than brute-force techniques. Cyber breach alert…
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs

Oct 13, 2025 8:23 AM

Tags: backdoor, cisco, control, credentials, cybersecurity, malware, rust, vpn

Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts.”Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileged Active Directory account named, ‘serviceaccount,’” eSentire said in a technical report published First seen on thehackernews.com…
Attackers exploit valid logins in SonicWall SSL VPN compromise

Oct 11, 2025 6:23 PM

Tags: access, breach, credentials, cybersecurity, exploit, login, threat, vpn

Huntress warns of widespread SonicWall SSL VPN breaches, with attackers using valid credentials to access multiple accounts rapidly. Cybersecurity firm Huntress warned of a widespread compromise of SonicWall SSL VPNs, with threat actors using valid credentials to access multiple customer accounts rapidly. >>As of October 10, Huntress has observed widespread compromise of SonicWall SSLVPN devices…
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Oct 11, 2025 5:23 PM

Tags: access, attack, control, credentials, cybersecurity, vpn

Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL VPN devices to access multiple customer environments.”Threat actors are authenticating into multiple accounts rapidly across compromised devices,” it said. “The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing.”A significant chunk of First seen…
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Oct 11, 2025 5:23 PM

Tags: access, attack, control, credentials, cybersecurity, vpn

Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL VPN devices to access multiple customer environments.”Threat actors are authenticating into multiple accounts rapidly across compromised devices,” it said. “The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing.”A significant chunk of First seen…
Stealit Malware Using Node.js to Hide in Fake Game and VPN Installers

Oct 10, 2025 5:23 PM

Tags: detection, fortinet, malware, vpn, windows

Fortinet warns of Stealit, a MaaS infostealer, now targeting Windows systems and evading detection by using Node.js’s SEA feature while hiding in fake game and VPN installers. First seen on hackread.com Jump to article: hackread.com/stealit-malware-node-js-fake-game-vpn-installers/
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Oct 10, 2025 5:23 PM

Tags: cybersecurity, fortinet, framework, malware, open-source, vpn

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA) feature as a way to distribute its payloads.According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It’s assessed that the malware is being propagated through First…
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Oct 10, 2025 5:23 PM

Tags: cybersecurity, fortinet, framework, malware, open-source, vpn

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA) feature as a way to distribute its payloads.According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It’s assessed that the malware is being propagated through First…
Chaosbot Using CiscoVPN and Active Directory Passwords for Network Commands

Oct 10, 2025 3:23 PM

Tags: access, cyber, finance, login, network, password, service, vpn

Adversaries have once again demonstrated that operational hours are irrelevant when mounting sophisticated cyberattacks. eSentire’s TRU team first observed suspicious activity within a financial services customer’s environment when legitimate CiscoVPN logins coincided with anomalous WMI calls to multiple endpoints. Investigation revealed that an Active Directory account named “serviceaccount” had been abused alongside the VPN access,…
Chaosbot Using CiscoVPN and Active Directory Passwords for Network Commands

Oct 10, 2025 3:23 PM

Tags: access, cyber, finance, login, network, password, service, vpn

Adversaries have once again demonstrated that operational hours are irrelevant when mounting sophisticated cyberattacks. eSentire’s TRU team first observed suspicious activity within a financial services customer’s environment when legitimate CiscoVPN logins coincided with anomalous WMI calls to multiple endpoints. Investigation revealed that an Active Directory account named “serviceaccount” had been abused alongside the VPN access,…
SonicWall SSL VPN Devices Targeted by Threat Actors to Distribute Akira Ransomware

Oct 10, 2025 2:23 PM

Tags: access, attack, cyber, exploit, extortion, network, ransomware, threat, update, vpn, vulnerability

A significant uptick in Akira ransomware attacks has been observed exploiting unpatched SonicWall SSL VPN devices between July and August 2025. Despite a patch release the same day, many organizations remained vulnerable, allowing threat actors to gain initial access and deploy Akira’s double-extortion scheme. On August 20, 2025, Darktrace detected anomalous network scanning and reconnaissance…
itSpecial

Oct 10, 2025 2:23 PM

Tags: access, authentication, cloud, conference, cyber, detection, dora, DSGVO, firewall, insurance, ivanti, linux, mobile, oracle, privacy, risk-analysis, software, vpn, waf

Agentforce im Privacy Center Salesforce Ivanti hat Connect Secure generalüberholt: Ivanti hat auf der it-sa die Version 25.X von Ivanti Connect Secure (ICS) vorgestellt. Nach den Sicherheitsvorfällen zu Beginn des Jahres wurde die VPN-Software nun laut Hersteller nach dem Prinzip ‘Security by Design” neu entwickelt. Dazu gehören ein moderner Webserver und eine Web Application Firewall…
itSpecial

Oct 10, 2025 2:23 PM

Tags: access, authentication, cloud, conference, cyber, detection, dora, DSGVO, firewall, insurance, ivanti, linux, mobile, oracle, privacy, risk-analysis, software, vpn, waf

Agentforce im Privacy Center Salesforce Ivanti hat Connect Secure generalüberholt: Ivanti hat auf der it-sa die Version 25.X von Ivanti Connect Secure (ICS) vorgestellt. Nach den Sicherheitsvorfällen zu Beginn des Jahres wurde die VPN-Software nun laut Hersteller nach dem Prinzip ‘Security by Design” neu entwickelt. Dazu gehören ein moderner Webserver und eine Web Application Firewall…
itSpecial

Oct 10, 2025 2:23 PM

Tags: access, authentication, cloud, conference, cyber, detection, dora, DSGVO, firewall, insurance, ivanti, linux, mobile, oracle, privacy, risk-analysis, software, vpn, waf

Agentforce im Privacy Center Salesforce Ivanti hat Connect Secure generalüberholt: Ivanti hat auf der it-sa die Version 25.X von Ivanti Connect Secure (ICS) vorgestellt. Nach den Sicherheitsvorfällen zu Beginn des Jahres wurde die VPN-Software nun laut Hersteller nach dem Prinzip ‘Security by Design” neu entwickelt. Dazu gehören ein moderner Webserver und eine Web Application Firewall…
SonicWall SSL VPN Devices Targeted by Threat Actors to Distribute Akira Ransomware

Oct 10, 2025 2:23 PM

Tags: access, attack, cyber, exploit, extortion, network, ransomware, threat, update, vpn, vulnerability

A significant uptick in Akira ransomware attacks has been observed exploiting unpatched SonicWall SSL VPN devices between July and August 2025. Despite a patch release the same day, many organizations remained vulnerable, allowing threat actors to gain initial access and deploy Akira’s double-extortion scheme. On August 20, 2025, Darktrace detected anomalous network scanning and reconnaissance…
SonicWall SSL VPN Devices Targeted by Threat Actors to Distribute Akira Ransomware

Oct 10, 2025 2:23 PM

Tags: access, attack, cyber, exploit, extortion, network, ransomware, threat, update, vpn, vulnerability

A significant uptick in Akira ransomware attacks has been observed exploiting unpatched SonicWall SSL VPN devices between July and August 2025. Despite a patch release the same day, many organizations remained vulnerable, allowing threat actors to gain initial access and deploy Akira’s double-extortion scheme. On August 20, 2025, Darktrace detected anomalous network scanning and reconnaissance…
SonicWall SSL VPN Devices Targeted by Threat Actors to Distribute Akira Ransomware

Oct 10, 2025 2:23 PM

Tags: access, attack, cyber, exploit, extortion, network, ransomware, threat, update, vpn, vulnerability

A significant uptick in Akira ransomware attacks has been observed exploiting unpatched SonicWall SSL VPN devices between July and August 2025. Despite a patch release the same day, many organizations remained vulnerable, allowing threat actors to gain initial access and deploy Akira’s double-extortion scheme. On August 20, 2025, Darktrace detected anomalous network scanning and reconnaissance…
LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions

Oct 9, 2025 4:23 PM

Tags: access, attack, breach, control, credentials, cybercrime, data, firewall, group, infrastructure, law, leak, lockbit, network, ransomware, service, technology, vpn

Critical infrastructure declared fair game: As part of LockBit’s return announcement, the group revealed that critical infrastructure sectors previously considered off-limits would now be permissible targets for its affiliates. “It is permissible to attack critical infrastructure such as nuclear power plants, thermal power plants, hydroelectric power plants, and other similar organizations,” the group stated, according…
LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions

Oct 9, 2025 4:23 PM

Tags: access, attack, breach, control, credentials, cybercrime, data, firewall, group, infrastructure, law, leak, lockbit, network, ransomware, service, technology, vpn

Critical infrastructure declared fair game: As part of LockBit’s return announcement, the group revealed that critical infrastructure sectors previously considered off-limits would now be permissible targets for its affiliates. “It is permissible to attack critical infrastructure such as nuclear power plants, thermal power plants, hydroelectric power plants, and other similar organizations,” the group stated, according…
Hackers Enhance ClickFix Attack Using Cache Smuggling to Stealthily Download Malicious Files

Oct 9, 2025 11:23 AM

Tags: attack, compliance, cyber, cybersecurity, fortinet, hacker, malicious, social-engineering, threat, vpn

Cybersecurity researchers have discovered a sophisticated evolution of the ClickFix attack technique that leverages browser cache smuggling to covertly place malicious files on target systems without traditional file downloads. This advanced social engineering campaign specifically targets enterprise users through fake Fortinet VPN compliance pages, demonstrating how threat actors continuously adapt their methods to evade detection.…
Purdue 2.0? : Rising to the Challenge to secure OT with Zero Trust Connectivity

Oct 8, 2025 3:58 PM

Tags: access, ai, attack, automation, breach, cloud, compliance, control, corporate, csf, cyber, cybercrime, cybersecurity, data, defense, detection, dns, email, endpoint, espionage, exploit, extortion, firewall, firmware, framework, incident response, infrastructure, intelligence, Internet, iot, malicious, malware, mitre, monitoring, network, nist, organized, phishing, ransomware, resilience, risk, service, siem, soc, software, spear-phishing, supply-chain, tactics, technology, theft, threat, tool, unauthorized, update, vpn, vulnerability, zero-trust

Our connected world is getting dangerously messy. Demands on the effective protection of OT environments has never been greater than it is today. This is only growing. Cybercrime is becoming more organized with RaaS and the internal threat is enhanced by huge payouts of initial access brokers. Additionally, Nation States are posturing for cyber war…
Purdue 2.0? : Rising to the Challenge to secure OT with Zero Trust Connectivity

Oct 8, 2025 3:58 PM

Tags: access, ai, attack, automation, breach, cloud, compliance, control, corporate, csf, cyber, cybercrime, cybersecurity, data, defense, detection, dns, email, endpoint, espionage, exploit, extortion, firewall, firmware, framework, incident response, infrastructure, intelligence, Internet, iot, malicious, malware, mitre, monitoring, network, nist, organized, phishing, ransomware, resilience, risk, service, siem, soc, software, spear-phishing, supply-chain, tactics, technology, theft, threat, tool, unauthorized, update, vpn, vulnerability, zero-trust

Our connected world is getting dangerously messy. Demands on the effective protection of OT environments has never been greater than it is today. This is only growing. Cybercrime is becoming more organized with RaaS and the internal threat is enhanced by huge payouts of initial access brokers. Additionally, Nation States are posturing for cyber war…
So verändert SASE die Cybersicherheit

Oct 8, 2025 1:58 PM

Tags: access, cyberattack, cyersecurity, defense, firewall, service, strategy, tool, vpn

Angesichts rasant steigender Cyberangriffe und wachsender Vernetzung scheint die klassische Defense-in-Depth-Strategie an ihre Grenzen zu stoßen. Unternehmen setzen heute auf zahlreiche Einzellösungen Firewalls, VPNs, SWG, CASB etc. doch die Koordination untereinander funktioniert selten reibungslos. Das Ergebnis: Transparenzlücken, unübersichtliche Tools, widersprüchliche Richtlinien, langsame Reaktion und hohe Kosten. Secure-Access-Service-Edge (SASE) wird in diesem Kontext als […] First…
AWS Client VPN for macOS Hit by Critical Privilege Escalation Vulnerability

Oct 8, 2025 1:58 PM

Tags: cve, cvss, cyber, exploit, flaw, macOS, service, vpn, vulnerability

Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during log rotation. CVE ID Affected Products Impact Exploit Prerequisites CVSS 3.1 Score CVE-2025-11462 AWS Client VPN Client…
AWS Client VPN for macOS Hit by Critical Privilege Escalation Vulnerability

Oct 8, 2025 1:58 PM

Tags: cve, cvss, cyber, exploit, flaw, macOS, service, vpn, vulnerability

Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during log rotation. CVE ID Affected Products Impact Exploit Prerequisites CVSS 3.1 Score CVE-2025-11462 AWS Client VPN Client…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65

Oct 5, 2025 2:35 PM

Tags: ai, backdoor, email, international, malicious, malware, ransomware, vpn

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less First Malicious MCP in the Wild: The Postmark Backdoor That’s Stealing Your Emails EvilAI Operators Use AI-Generated Code…
New Study Warns Several Free iOS and Android VPN Apps Leak Data

Oct 4, 2025 3:35 PM

Tags: android, data, flaw, leak, privacy, risk, tool, vpn

A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these ‘privacy’ tools are actually major security risks, especially for BYOD environments. First seen on hackread.com Jump to article: hackread.com/studyfree-ios-android-vpn-apps-leak-data/
Hundreds of Free VPN Apps Expose Android and iOS Users’ Personal Data

Oct 3, 2025 8:41 AM

Tags: access, android, communications, cyber, data, flaw, mobile, network, privacy, vpn

Virtual Private Networks (VPNs) are trusted by millions to protect privacy, secure communications, and enable remote access on their mobile devices. But what if the very apps designed to safeguard your data are riddled with dangerous security flaws that expose the exact information they promise to protect? A comprehensive security and privacy analysis by Zimperium…
Free VPN Apps Found Riddled With Security Flaws

Oct 2, 2025 3:41 PM

Tags: flaw, privacy, risk, threat, vpn

A new study by Zimperium has revealed serious risks in free VPN apps, exposing users to privacy threats and security flaws First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/free-vpn-apps-security-flaws/