Tag: vpn
-
Stealthy ‘Magic Packet’ malware targets Juniper VPN gateways
A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a “magic packet” in the network traffic. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/stealthy-magic-packet-malware-targets-juniper-vpn-gateways/
-
Attack of the Plush Demons
ESET researchers discover a supply-chain attack against a VPN provider in South Korea by the new APT group “PlushDaemon”. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/angriff-der-pluschdamonen/
-
PlushDaemon: New hacker group targets VPN users
Researchers at the IT security company ESET have identified a previously unknown advanced persistent threat (APT) group that is linked to China. Operating under the name PlushDaemon, the group has apparently been active since at least 2019 and carries out sophisticated cyber-espionage attacks. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/plushdaemon-neue-hackergruppe-zielt-auf-vpn-nutzer
-
Chinese Cyberspies Target South Korean VPN in Supply Chain Attack
Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinese-cyberspies-target-south-korean-vpn-supply-chain-attack
-
China-linked hacker group targets victims in East Asia with malicious VPN installers
The group compromised a virtual private network installer developed by the South Korean firm IPany to deploy custom malware on victims’ devices. First seen on therecord.media Jump to article: therecord.media/china-hacker-group-vpns-backdoor
-
PlushDaemon APT Targeted South Korean VPN Software
PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/plushdaemon-apt-targeted-south/
-
IPany VPN breached in supply-chain attack to push custom malware
South Korean VPN provider IPany was breached in a supply chain attack by the “PlushDaemon” China-aligned hacking group, who compromised the company’s VPN installer to deploy the custom ‘SlowStepper’ malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ipany-vpn-breached-in-supply-chain-attack-to-push-custom-malware/
-
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET. “The attackers replaced the legitimate installer with one that also deployed the group’s signature implant that we have named SlowStepper…
-
China-aligned PlushDaemon APT compromises supply chain of Korean VPN
ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/22/plushdaemon-apt-slowstepper-supply-chain-compromise/
-
Tunneling Flaws Put VPNs, CDNs and Routers at Risk Globally
Millions of devices, including home routers, VPN servers, and CDNs are vulnerable to exploitation due to critical flaws… First seen on hackread.com Jump to article: hackread.com/tunneling-flaws-millions-of-vpns-and-routers-at-risk/
-
Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. “Internet hosts that accept tunneling packets without verifying the sender’s identity can be hijacked to perform anonymous attacks and provide access to their networks,” Top10VPN said in a study, as part of a collaboration with…
-
Private Internet Access VPN Review: How Good Is PIA VPN?
When it comes to privacy and security, PIA VPN is among the best. Discover its features, performance, pricing, and more with this in-depth review. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/private-internet-access-vpn-review/
-
US hits back against China’s Salt Typhoon group
Tags: attack, backdoor, china, cisa, ciso, communications, computer, control, crypto, cve, cyber, cyberattack, cybersecurity, defense, detection, disinformation, espionage, exploit, finance, government, group, infosec, infrastructure, intelligence, ivanti, law, malicious, mandiant, microsoft, network, north-korea, office, tactics, technology, theft, threat, tool, vpn, vulnerability
The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking. On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology, a…
-
Darknet: Configurations and VPN passwords from Fortinet devices have surfaced
Complete configuration files with VPN passwords in plaintext: a group is giving this data away on the darknet. heise security has the data set. First seen on heise.de Jump to article: www.heise.de/news/Darknet-Konfigurationen-und-VPN-Passwoerter-von-Fortinet-Geraeten-aufgetaucht-10244015.html
-
CyberGhost VPN Review (2025): Features, Pricing, and Security
Tags: vpn
In this comprehensive review of CyberGhost VPN, we cover its features, pricing, security, and overall performance. Find out if this is the right VPN for you. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/cyberghost-vpn-review/
-
Critical Vulnerabilities CVE-2025-0282 and CVE-2025-0283 in Ivanti Connect Secure VPN Appliances
Summary On January 8, 2025, Ivanti disclosed two critical vulnerabilities, and, impacting Ivanti Connect Secure (ICS) VPN appliances. Notably, has been exploited in the wild First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/01/09/critical-vulnerabilities-cve-2025-0282-and-cve-2025-0283-in-ivanti-connect-secure-vpn-appliances/
-
Fortinet confirms zero-day flaw used in attacks against its firewalls
Fortinet has confirmed the existence of a critical authentication bypass vulnerability in specific versions of FortiOS firewalls and FortiProxy secure web gateways. The flaw has been exploited in the wild since early December in what appears to be an indiscriminate and widespread campaign, according to cybersecurity firm Arctic Wolf. The fix for this zero-day is part…
-
CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild
Fortinet patched a zero day authentication bypass vulnerability in FortiOS and FortiProxy that has been actively exploited in the wild as a zero-day since November 2024. Background On January 14, Fortinet released a security advisory (FG-IR-24-535) addressing a critical severity vulnerability impacting FortiOS and FortiProxy. CVE Description CVSSv3 CVE-2024-55591 FortiOS and FortiProxy Authentication Bypass Vulnerability…
-
Ivanti VPN zero-day implicated in Nominet hack
First seen on scworld.com Jump to article: www.scworld.com/brief/ivanti-vpn-zero-day-implicated-in-nominet-hack
-
Ivanti Patches Actively-Exploited Connect Secure VPN Flaw
First seen on scworld.com Jump to article: www.scworld.com/brief/ivanti-patches-actively-exploited-connect-secure-vpn-flaw
-
Beware cybersecurity tech that’s past its prime, 5 areas to check or retire
Tags: access, advisory, ai, antivirus, attack, authentication, breach, bug-bounty, ciso, cloud, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, endpoint, firewall, Hardware, network, password, penetration-testing, risk, router, siem, software, strategy, switch, threat, tool, vpn, vulnerability, waf, zero-trust
Cybersecurity leaders can choose from an ever-expanding list of digital tools to help them ward off attacks and, based on market projections, they’re implementing plenty of those options. Gartner predicts a 15% increase in cybersecurity spending for 2025, with global expenditures expected to reach $212 billion in the upcoming year. The research and consulting firm says…
-
Five Latest Updates On The 2025 Ivanti VPN Attacks
A domain registry provider is the first company to acknowledge a compromise related to the cyberattacks, which have exploited a critical vulnerability in Ivanti Connect Secure. First seen on crn.com Jump to article: www.crn.com/news/security/2025/5-latest-updates-on-the-2025-ivanti-vpn-attacks
-
Arctic Wolf discovers campaign with suspicious activity on <>
Arctic Wolf Labs, Arctic Wolf’s threat research team, observed a campaign with suspicious activity on -devices in early December 2024. By gaining access to the management interfaces of the affected firewalls, cybercriminals were able to change the firewall configurations, create new accounts, and log in to the SSL VPN portals with these user accounts. In the compromised environments, […] First…
-
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uk-domain-registry-nominet-confirms-breach-via-ivanti-zero-day-vulnerability/

