Tag: vpn
-
Privilegierte Zugänge werden zum Sicherheitsrisiko
Tags: access, ai, api, apple, authentication, best-practice, cisco, cloud, cyber, cyberattack, dark-web, hacker, mail, malware, mfa, microsoft, password, phishing, ransomware, risk, service, tool, vpn, vulnerabilityKriminelle bevorzugen Phishing als Erstzugriffsmethode und nutzen legale Tools für unauffällige Angriffe auf sensible Systeme, wie eine aktuelle Studie herausfand.Der Missbrauch legitimer privilegierter Zugänge (legitimate privileged access) nimmt zu . Wie der Cisco Talos’ Jahresrückblick 2024 herausfand, nutzten Angreifer immer öfter gestohlene Identitäten für ihre Attacken, darunter auch Ransomware-Erpressungen. Dafür missbrauchen die HackerAnmeldedaten,Tokens,API-Schlüssel undZertifikate.Angriffe dieser…
-
CVE-2025-22457: Critical Ivanti Connect Secure Vulnerability
Summary On April 3, 2025, Ivanti disclosed CVE-2025-22457 that impacts Ivanti Connect Secure VPN appliances, PulseConnect Secure(end of service), Ivanti Policy Secure, and ZTA Gateways. First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/04/04/cve-2025-22457-critical-ivanti-connect-secure-vulnerability/
-
OpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code
OpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability that could allow attackers to crash servers and potentially execute remote code under certain conditions. The flaw, identified as CVE-2025-2704, affects OpenVPN servers using specific configurations and has been addressed in the newly released version OpenVPN 2.6.14. CVE-2025-2704: Overview The vulnerability is…
-
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese APT group has exploited CVE-2025-22457 a buffer overflow bug that was previously thought not to be exploitable to compromise appliances … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/03/ivanti-vpn-customers-targeted-via-unrecognized-rce-vulnerability-cve-2025-22457/
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/
-
App Stores OK’ed VPNs Run by China PLA
Bad Apple: Chinese firm banned by the U.S. is the shady entity behind a clutch of free VPN apps”, with over a million downloads. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/app-stores-oked-vpns-run-by-china-pla/
-
Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS
Cisco has disclosed a significant vulnerability in itsAnyConnect VPN Serverfor Meraki MX and Z Series devices, allowing authenticated attackers to triggerdenial-of-service (DoS)conditions. The flaw (CVE-2025-20212) stems from an uninitialized variable during SSL VPN session establishment and affects over 20 hardware models across enterprise networks. Vulnerability Overview Exploiting this bug requires valid VPN credentials. Attackers can…
-
Surge in Scans on PAN GlobalProtect VPNs Hints at Attacks
Over the past few weeks, bad actors from different regions have been scanning devices with the VPN for potential vulnerabilities. First seen on darkreading.com Jump to article: www.darkreading.com/perimeter/scans-pan-globalprotect-vpns-attacks
-
Privacy Roundup: Week 13 of Year 2025
Tags: access, ai, android, apple, application-security, breach, browser, cctv, chrome, cloud, cve, cybersecurity, data, detection, exploit, firmware, google, group, leak, linux, malware, microsoft, mobile, phishing, privacy, regulation, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, zero-dayThis is a news item roundup of privacy or privacy-related news items for 23 MAR 2025 – 29 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Rootkit, Backdoor and Tunneler: Ivanti Malware Does It All
CISA Publishes Anatomy of Advanced Ivanti VPN Malware. Hackers using Trojans connected to a malware family deployed by Chinese nation-state hackers are actively exploiting a now-patched vulnerability in Ivanti Connect Secure appliances. The malware contains capabilities of a rootkit, dropper, backdoor, bootkit, proxy and tunneler. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/rootkit-backdoor-tunneler-ivanti-malware-does-all-a-27881
-
Novel technique can unmask up to 70% of crooks hiding behind VPNs, proxies, Tor
Tags: vpnFirst seen on scworld.com Jump to article: www.scworld.com/feature/novel-technique-can-unmask-up-to-70-of-crooks-hiding-behind-vpns-proxies-tor
-
Vivaldi integrates Proton VPN into the browser to fight web tracking
Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against ‘Big Tech’ surveillance for free. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/vivaldi-integrates-proton-vpn-into-the-browser-to-fight-web-tracking/
-
Die 10 häufigsten IT-Sicherheitsfehler
Von ungepatchten Sicherheitslücken bis hin zu unzureichenden Backups: Lesen Sie, wie sich die häufigsten IT-Sicherheitsfehler vermeiden lassen. Verschlüsselte Dateien und eine Textdatei mit einer Erpresser-Nachricht zeigen klar und deutlich: Ein Unternehmen ist einer Cyberattacke zum Opfer gefallen. Dabei ist das nur das Ende einer langen Angriffskette. Die Tätergruppe bewegt sich oft seit mehreren Wochen oder Monaten…
-
Zunehmende Angriffe auf Fernzugriffstechnologien – Schwachstelle VPN
First seen on security-insider.de Jump to article: www.security-insider.de/schwachstelle-vpn-a-b67f1e061c24505a66e5dd749d4ef4ca/
-
Cloak ransomware group hacked the Virginia Attorney General’s Office
The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney General’s Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office. A cyberattack on the Virginia Attorney General’s Office forced officials to shut down IT systems, including email and VPN,…
-
New Arcane Stealer Spreads via YouTube, Stealing VPN and Browser Login Credentials
A new malware campaign has been uncovered, involving a sophisticated stealer known as Arcane, which is distributed through YouTube videos promoting game cheats. This campaign highlights the evolving tactics of cybercriminals, who continue to exploit popular platforms to spread malware. The Arcane stealer is notable for its extensive data collection capabilities, targeting a wide range…
-
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users.”What’s intriguing about this malware is how much it collects,” Kaspersky said in an analysis. “It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla,…
-
Automatisierte Angriffe: BlackBasta setzt auf <>
Die Ransomware-Gruppierung BlackBasta hat ein mächtiges Tool zur Automatisierung von Brute-Force-Angriffen auf Edge-Netzwerkgeräte wie Firewalls und VPNs entwickelt. Das Framework mit dem Namen “BRUTED” erlaubt es den Angreifern, gezielt Zugangsdaten zu knacken und so Ransomware-Attacken auf verwundbare Netzwerke zu skalieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/automatisierte-angriffe-blackbasta-setzt-auf-bruted
-
TotalAV vs Surfshark VPN: Features Comparison Guide
When comparing VPN software, consider server locations, ease of use, device compatibility, and more. Check out our TotalAV vs Surfshark guide here. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/products/totalav-vs-surfshark-vpn/
-
Black Basta uses brute-forcing tool to attack edge devices
The ransomware gang developed an automated framework to guess weak and reused passwords on VPNs and firewalls. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/black-basta-uses-brute-forcing-tool-to-attack-edge-devices/742672/
-
AI development pipeline attacks expand CISOs’ software supply chain risk
Tags: access, ai, api, application-security, attack, backdoor, breach, business, ciso, cloud, container, control, cyber, cybersecurity, data, data-breach, detection, encryption, exploit, flaw, fortinet, government, infrastructure, injection, intelligence, LLM, malicious, malware, ml, network, open-source, password, penetration-testing, programming, pypi, risk, risk-assessment, russia, saas, sbom, service, software, supply-chain, threat, tool, training, vpn, vulnerabilitydevelopment pipelines are exacerbating software supply chain security problems.Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL).A scan of 30 of the most popular open-source packages found an average of six critical-severity and 33 high-severity flaws per package.Commercial software packages are also a…
-
Report on ransomware attacks on Fortinet firewalls also reveals possible defenses
Tags: access, attack, authentication, automation, backdoor, backup, ciso, control, credentials, cve, cybercrime, data, data-breach, defense, exploit, firewall, fortinet, group, infrastructure, Internet, lockbit, malicious, monitoring, network, password, radius, ransom, ransomware, risk, router, tactics, threat, tool, update, vpn, vulnerability, windowsSigns of intrusion: “This actor exhibits a distinct operational signature that blends elements of opportunistic attacks with ties to the LockBit ecosystem,” Forescout said in its analysis.”Mora_001’s relationship to the broader Lockbit’s ransomware operations underscores the increased complexity of the modern ransomware landscape where specialized teams collaborate to leverage complementary capabilities.”CISOs should note these consistent…
-
Ransomware gang creates tool to automate VPN brute-force attacks
The Black Basta ransomware operation created an automated brute-forcing framework dubbed ‘BRUTED’ to breach edge networking devices like firewalls and VPNs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/black-basta-ransomware-creates-automated-tool-to-brute-force-vpns/
-
Remote Access Infra Remains Riskiest Corp. Attack Surface
Exposed login panels for VPNs and remote access systems leave companies open to attack, sometimes tripling the risk of ransomware and making it harder to get cyber insurance. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/remote-access-infra-remains-riskiest-corp-attack-surface
-
Speedify VPN Review 2025: Features, Security, and Performance
Tags: vpnSpeedify VPN offers speed-centered features that may not make up for its lacking security features and pricey plan. Find out how this VPN measured up in our review. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/speedify-vpn-review/
-
IPVanish vs NordVPN: Compare Features and Price
When comparing VPN software, consider server locations, price, customer support, and more. Check out our IPVanish vs NordVPN guide here. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/products/ipvanish-vs-nordvpn/