Tag: vpn

Privacy Roundup: Week 13 of Year 2025

Apr 1, 2025 11:36 AM

Tags: access, ai, android, apple, application-security, breach, browser, cctv, chrome, cloud, cve, cybersecurity, data, detection, exploit, firmware, google, group, leak, linux, malware, microsoft, mobile, phishing, privacy, regulation, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, zero-day

This is a news item roundup of privacy or privacy-related news items for 23 MAR 2025 – 29 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
Rootkit, Backdoor and Tunneler: Ivanti Malware Does It All

Mar 31, 2025 8:19 PM

Tags: backdoor, china, cisa, exploit, hacker, ivanti, malware, vpn, vulnerability

CISA Publishes Anatomy of Advanced Ivanti VPN Malware. Hackers using Trojans connected to a malware family deployed by Chinese nation-state hackers are actively exploiting a now-patched vulnerability in Ivanti Connect Secure appliances. The malware contains capabilities of a rootkit, dropper, backdoor, bootkit, proxy and tunneler. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/rootkit-backdoor-tunneler-ivanti-malware-does-all-a-27881
Novel technique can unmask up to 70% of crooks hiding behind VPNs, proxies, Tor

Mar 27, 2025 9:37 PM

Tags: vpn

First seen on scworld.com Jump to article: www.scworld.com/feature/novel-technique-can-unmask-up-to-70-of-crooks-hiding-behind-vpns-proxies-tor
Vivaldi integrates Proton VPN into the browser to fight web tracking

Mar 27, 2025 3:34 PM

Tags: data, vpn

Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against ‘Big Tech’ surveillance for free. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/vivaldi-integrates-proton-vpn-into-the-browser-to-fight-web-tracking/
Die 10 häufigsten IT-Sicherheitsfehler

Mar 27, 2025 6:33 AM

Tags: access, authentication, backup, best-practice, bsi, citrix, cyberattack, detection, encryption, fortinet, incident response, infrastructure, Internet, microsoft, monitoring, password, ransomware, risk, security-incident, service, strategy, technology, update, vpn, vulnerability, zero-day

Von ungepatchten Sicherheitslücken bis hin zu unzureichenden Backups: Lesen Sie, wie sich die häufigsten IT-Sicherheitsfehler vermeiden lassen. Verschlüsselte Dateien und eine Textdatei mit einer Erpresser-Nachricht zeigen klar und deutlich: Ein Unternehmen ist einer Cyberattacke zum Opfer gefallen. Dabei ist das nur das Ende einer langen Angriffskette. Die Tätergruppe bewegt sich oft seit mehreren Wochen oder Monaten…
Zunehmende Angriffe auf Fernzugriffstechnologien – Schwachstelle VPN

Mar 26, 2025 1:13 PM

Tags: cyberattack, vpn, vulnerability

First seen on security-insider.de Jump to article: www.security-insider.de/schwachstelle-vpn-a-b67f1e061c24505a66e5dd749d4ef4ca/
Privacy Roundup: Week 12 of Year 2025

Mar 24, 2025 6:13 PM

Tags: access, antivirus, apple, attack, breach, cctv, credentials, crypto, cybersecurity, data, detection, exploit, firmware, google, government, group, iran, kaspersky, korea, leak, linux, malicious, malware, mfa, microsoft, mobile, network, north-korea, password, phishing, privacy, programming, regulation, router, russia, scam, service, software, spyware, startup, technology, threat, tool, unauthorized, virus, vpn, vulnerability, wifi, windows

This is a news item roundup of privacy or privacy-related news items for 16 MAR 2025 – 22 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
Cloak ransomware group hacked the Virginia Attorney General’s Office

Mar 24, 2025 10:13 AM

Tags: cyberattack, email, group, office, ransomware, vpn

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney General’s Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office. A cyberattack on the Virginia Attorney General’s Office forced officials to shut down IT systems, including email and VPN,…
AI in the Enterprise: Key Findings from the ThreatLabz 2025 AI Security Report

Mar 21, 2025 1:13 AM

Tags: access, ai, attack, best-practice, breach, business, chatgpt, cloud, compliance, control, cyber, cybercrime, cybersecurity, data, deep-fake, exploit, finance, firewall, framework, germany, governance, government, healthcare, india, insurance, intelligence, least-privilege, malicious, malware, microsoft, monitoring, network, open-source, phishing, risk, scam, social-engineering, strategy, technology, threat, tool, unauthorized, update, vpn, vulnerability, zero-trust

Artificial intelligence (AI) has rapidly shifted from buzz to business necessity over the past year”, something Zscaler has seen firsthand while pioneering AI-powered solutions and tracking enterprise AI/ML activity in the world’s largest security cloud.As enterprises embrace AI to boost productivity, accelerate decision-making, and automate workflows, to name a few benefits, cybercriminals are using the…
New Arcane Stealer Spreads via YouTube, Stealing VPN and Browser Login Credentials

Mar 20, 2025 7:13 PM

Tags: credentials, cyber, cybercrime, data, exploit, login, malware, tactics, vpn

A new malware campaign has been uncovered, involving a sophisticated stealer known as Arcane, which is distributed through YouTube videos promoting game cheats. This campaign highlights the evolving tactics of cybercriminals, who continue to exploit popular platforms to spread malware. The Arcane stealer is notable for its extensive data collection capabilities, targeting a wide range…
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users

Mar 20, 2025 5:13 PM

Tags: kaspersky, malware, network, russia, vpn

YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users.”What’s intriguing about this malware is how much it collects,” Kaspersky said in an analysis. “It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla,…
Automatisierte Angriffe: BlackBasta setzt auf <>

Mar 20, 2025 9:13 AM

Tags: cyberattack, firewall, framework, ransomware, tool, vpn

Die Ransomware-Gruppierung BlackBasta hat ein mächtiges Tool zur Automatisierung von Brute-Force-Angriffen auf Edge-Netzwerkgeräte wie Firewalls und VPNs entwickelt. Das Framework mit dem Namen “BRUTED” erlaubt es den Angreifern, gezielt Zugangsdaten zu knacken und so Ransomware-Attacken auf verwundbare Netzwerke zu skalieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/automatisierte-angriffe-blackbasta-setzt-auf-bruted
TotalAV vs Surfshark VPN: Features Comparison Guide

Mar 20, 2025 12:13 AM

Tags: guide, software, vpn

When comparing VPN software, consider server locations, ease of use, device compatibility, and more. Check out our TotalAV vs Surfshark guide here. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/products/totalav-vs-surfshark-vpn/
Black Basta uses brute-forcing tool to attack edge devices

Mar 17, 2025 5:52 PM

Tags: attack, framework, password, ransomware, tool, vpn

The ransomware gang developed an automated framework to guess weak and reused passwords on VPNs and firewalls. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/black-basta-uses-brute-forcing-tool-to-attack-edge-devices/742672/
AI development pipeline attacks expand CISOs’ software supply chain risk

Mar 17, 2025 9:52 AM

Tags: access, ai, api, application-security, attack, backdoor, breach, business, ciso, cloud, container, control, cyber, cybersecurity, data, data-breach, detection, encryption, exploit, flaw, fortinet, government, infrastructure, injection, intelligence, LLM, malicious, malware, ml, network, open-source, password, penetration-testing, programming, pypi, risk, risk-assessment, russia, saas, sbom, service, software, supply-chain, threat, tool, training, vpn, vulnerability

development pipelines are exacerbating software supply chain security problems.Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL).A scan of 30 of the most popular open-source packages found an average of six critical-severity and 33 high-severity flaws per package.Commercial software packages are also a…
Report on ransomware attacks on Fortinet firewalls also reveals possible defenses

Mar 15, 2025 1:52 AM

Tags: access, attack, authentication, automation, backdoor, backup, ciso, control, credentials, cve, cybercrime, data, data-breach, defense, exploit, firewall, fortinet, group, infrastructure, Internet, lockbit, malicious, monitoring, network, password, radius, ransom, ransomware, risk, router, tactics, threat, tool, update, vpn, vulnerability, windows

Signs of intrusion: “This actor exhibits a distinct operational signature that blends elements of opportunistic attacks with ties to the LockBit ecosystem,” Forescout said in its analysis.”Mora_001’s relationship to the broader Lockbit’s ransomware operations underscores the increased complexity of the modern ransomware landscape where specialized teams collaborate to leverage complementary capabilities.”CISOs should note these consistent…
Ransomware gang creates tool to automate VPN brute-force attacks

Mar 14, 2025 6:52 PM

Tags: attack, breach, firewall, framework, ransomware, tool, vpn

The Black Basta ransomware operation created an automated brute-forcing framework dubbed ‘BRUTED’ to breach edge networking devices like firewalls and VPNs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/black-basta-ransomware-creates-automated-tool-to-brute-force-vpns/
Remote Access Infra Remains Riskiest Corp. Attack Surface

Mar 14, 2025 3:52 PM

Tags: access, attack, cyber, data-breach, login, ransomware, risk, vpn

Exposed login panels for VPNs and remote access systems leave companies open to attack, sometimes tripling the risk of ransomware and making it harder to get cyber insurance. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/remote-access-infra-remains-riskiest-corp-attack-surface
Speedify VPN Review 2025: Features, Security, and Performance

Mar 13, 2025 3:52 PM

Tags: vpn

Speedify VPN offers speed-centered features that may not make up for its lacking security features and pricey plan. Find out how this VPN measured up in our review. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/speedify-vpn-review/
IPVanish vs NordVPN: Compare Features and Price

Mar 12, 2025 9:55 PM

Tags: guide, software, vpn

When comparing VPN software, consider server locations, price, customer support, and more. Check out our IPVanish vs NordVPN guide here. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/products/ipvanish-vs-nordvpn/
Ivanti EPM vulnerabilities actively exploited in the wild, CISA warns

Mar 12, 2025 12:58 AM

Tags: apt, china, cisa, cyberespionage, exploit, flaw, group, ivanti, remote-code-execution, vpn, vulnerability, zero-day

Ivanti products in attackers’ crosshairs: Multiple Ivanti products have been targeted by attackers over the past year, especially by state-sponsored cyberespionage groups who developed zero-day exploits for them.Back in January Ivanti patched a critical remote code execution flaw in its Connect Secure SSL VPN appliance that a Chinese APT group had exploited as a zero-day…
Perimeter security appliances source of most ransomware hits

Mar 11, 2025 8:54 PM

Tags: network, ransomware, vpn

Perimeter security appliances and devices, particularly VPNs, prove to be the most popular entry points into victim networks for financially motivated ransomware gangs, according to reports First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620362/Perimeter-security-appliances-source-of-most-ransomware-hits
Majority of ransomware claims involved compromise of perimeter security devices

Mar 11, 2025 5:54 PM

Tags: cyber, insurance, ransomware, vpn

A report by cyber insurance firm Coalition shows six of every 10 ransomware claims involved compromised VPN or firewall. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-compromise-perimeter-devices/742158/
Email Phishing and Online Anonymity: Can You Completely Hide from Attackers on the Darknet?

Mar 10, 2025 10:54 PM

Tags: dark-web, email, phishing, privacy, tool, vpn

Explore the challenges of online anonymity and email phishing. Learn how tools like VPNs and Tor enhance privacy but aren’t foolproof. Stay safe and anonymous online. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/email-phishing-and-online-anonymity-can-you-completely-hide-from-attackers-on-the-darknet/
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN Tools

Mar 10, 2025 7:54 PM

Tags: exploit, russia, tool, vpn

SilentCryptoMiner, disguised as a VPN bypass tool, infected over 2,000 Russian users by exploiting weak security measures. Stay vigilant. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cybersecurity/silentcryptominer-infects-2000-russian-users/
North Korean IT Workers Linked to 2,400 Astrill VPN IP Addresses

Mar 10, 2025 2:54 PM

Tags: cyber, data, malicious, north-korea, vpn

new data has emerged linking over 2,400 IP addresses associated with Astrill VPN to individuals believed to be North Korean IT workers. These findings were reported by a cyber security source, who obtained the information from http://Spur.us, a platform known for tracking and exposing malicious online activity. This development raises serious concerns about the extent to…
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools

Mar 10, 2025 5:53 AM

Tags: crypto, cybercrime, cybersecurity, Internet, kaspersky, malware, russia, tool, vpn, windows

A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services.Russian cybersecurity company Kaspersky said the activity is part of a larger trend where cybercriminals are increasingly leveraging Windows Packet Divert (WPD) tools to distribute malware…
Ransomware Groups Favor Repeatable Access Over Mass Vulnerability Exploits

Mar 7, 2025 3:53 PM

Tags: access, credentials, exploit, group, ransomware, vpn, vulnerability

Travelers found that ransomware groups are focusing on targeting weak credentials on VPN and gateway accounts for initial access, marking a shift from 2023 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-repeatable-access/
Leitfaden für Abwehrspezialisten

Mar 7, 2025 2:53 PM

Tags: ciso, malware, vpn

Akamai Technologies veröffentlicht den Leitfaden für Abwehrspezialisten 2025: . Dieser neuartige SOTI-Bericht (State of the Internet) bietet Forschungsergebnisse aus der Praxis. Mit Erkenntnissen zu Themen wie Risikobewertung, VPN-Missbrauch und fortschrittlichen Malware-Techniken können Unternehmen ihre Cybersicherheitsstrategie verbessern. Für CISOs besonders spannend: Der Bericht beschreibt detaillierte Sicherheitsstrukturen mit proaktiven Maßnahmen, die […] First seen on netzpalaver.de Jump…
Mangelhafte Cybersicherheit im Gesundheitswesen

Mar 7, 2025 12:54 PM

Tags: access, ai, chatgpt, compliance, cyberattack, cyersecurity, data, endpoint, exploit, HIPAA, insurance, ransomware, resilience, risk, service, usa, vpn, vulnerability, vulnerability-management, windows

15 Prozent der Endgeräte im Gesundheitssektor haben keine oder nicht-übereinstimmente Sicherheits- und Risikokontrollen.Laut dem aktuellen Horizon Report 2025 wurden im Jahr 2024 weltweit 183 Millionen Patientendaten kompromittiert. Das ist ein Anstieg von neun Prozent im Vergleich zum Vorjahr. Doch weshalb fällt es für Gesundheitseinrichtungen so schwer, sich ausreichend vor Ransomware-Angriffen zu schützen?Um das herauszufinden, hat…