Tag: vpn
-
AWS Client VPN for macOS Hit by Critical Privilege Escalation Vulnerability
Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during log rotation. CVE ID Affected Products Impact Exploit Prerequisites CVSS 3.1 Score CVE-2025-11462 AWS Client VPN Client…
-
AWS Client VPN for macOS Hit by Critical Privilege Escalation Vulnerability
Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during log rotation. CVE ID Affected Products Impact Exploit Prerequisites CVSS 3.1 Score CVE-2025-11462 AWS Client VPN Client…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less First Malicious MCP in the Wild: The Postmark Backdoor That’s Stealing Your Emails EvilAI Operators Use AI-Generated Code…
-
New Study Warns Several Free iOS and Android VPN Apps Leak Data
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these ‘privacy’ tools are actually major security risks, especially for BYOD environments. First seen on hackread.com Jump to article: hackread.com/studyfree-ios-android-vpn-apps-leak-data/
-
Hundreds of Free VPN Apps Expose Android and iOS Users’ Personal Data
Virtual Private Networks (VPNs) are trusted by millions to protect privacy, secure communications, and enable remote access on their mobile devices. But what if the very apps designed to safeguard your data are riddled with dangerous security flaws that expose the exact information they promise to protect? A comprehensive security and privacy analysis by Zimperium…
-
Free VPN Apps Found Riddled With Security Flaws
A new study by Zimperium has revealed serious risks in free VPN apps, exposing users to privacy threats and security flaws First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/free-vpn-apps-security-flaws/
-
Free VPN Apps Found Riddled With Security Flaws
A new study by Zimperium has revealed serious risks in free VPN apps, exposing users to privacy threats and security flaws First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/free-vpn-apps-security-flaws/
-
Sicherer Fernzugriff neu gedacht – Warum Zero Trust Network Access das klassische VPN ablöst
First seen on security-insider.de Jump to article: www.security-insider.de/zero-trust-abloesung-vpn-a-810f1aa6f42690a1c2b38816ba3f4505/
-
Android malware uses VNC to give attackers hands-on access
A new Android banking and remote access trojan (RAT) dubbed Klopatra disguised as an IPTV and VPN app has infected more than 3,000 devices across Europe. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-malware-uses-vnc-to-give-attackers-hands-on-access/
-
Afghanistan plunged into nationwide internet blackout, disrupting air travel, medical care
The shutdown, confirmed by internet monitoring groups NetBlocks, Kentik and Proton VPN, began late Monday and continued into Tuesday, affecting both mobile and fixed-line services. Telephone networks were also disrupted. First seen on therecord.media Jump to article: therecord.media/afghanistan-plunged-into-nationwide-internet-blackout
-
Akira Hits SonicWall VPNs in Broad Ransomware Campaign
Akira ransomware actors are currently targeting SonicWall firewall customers vulnerable to a bug discovered last year. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/akira-sonicwall-vpns-broad-ransomware-campaign
-
Surging Threats, Complexity Means VPNs Are On Their Way Out: Experts
The continuing intensification of attacks targeting VPNs and the complexities of hybrid IT environments are accelerating the shift away from the technology and toward cloud-based alternatives such as zero trust network access (ZTNA), experts told CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2025/surging-threats-complexity-means-vpns-are-on-their-way-out-experts
-
Gone in 60 Minutes: Akira Defeats MFA for SonicWall SSL VPNs
‘Opportunistic, Mass Exploitation’ Campaign Surging, Say Cybersecurity Researchers. Attackers wielding Akira ransomware appear to be engaged in an opportunistic, mass exploitation of SonicWall SSL VPN servers, even when they’re using the latest firmware and configured to require multifactor authentication one-time passwords, warn cybersecurity researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/gone-in-60-minutes-akira-defeats-mfa-for-sonicwall-ssl-vpns-a-29590
-
Akira ransomware: From SonicWall VPN login to encryption in under four hours
Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their systems, Arctic Wolf researchers have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/29/akira-ransomware-sonicwall-vpn/
-
Chinese hackers breached critical infrastructure globally using enterprise network gear
Tags: access, backdoor, breach, business, china, communications, control, cve, defense, exploit, framework, germany, government, group, hacker, infrastructure, Internet, korea, law, malware, military, monitoring, network, open-source, penetration-testing, programming, service, threat, tool, update, vpn, vulnerability72-hour vulnerability exploitation window: RedNovember demonstrated the ability to weaponize newly disclosed vulnerabilities faster than most organizations could deploy patches, researchers found. When researchers published proof-of-concept code for Check Point VPN vulnerability CVE-2024-24919 on May 30, 2024, RedNovember was attacking vulnerable systems by June 3.That campaign hit at least 60 organizations across Brazil, Germany, Japan,…
-
Kampagne mit Ransomware Akira zielt auf Sonicwall-VPNs ab
Ende Juli 2025 hat Arctic Wolf Labs, das Threat-Research-Team von Arctic Wolf, eine Reihe von Angriffen beobachtet, bei denen verdächtige -Aktivitäten aufgetreten sind. Hierbei folgten auf unberechtigte Anmeldungen innerhalb weniger Minuten Port-Scans, Impacket-SMB-Aktivitäten und die schnelle Verbreitung der Akira-Ransomware. Die betroffenen Unternehmen sind aus verschiedenen Branchen und weisen unterschiedliche Größen auf, was auf eine opportunistische Herangehensweise…
-
Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts
Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours”, dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication”, often originating from hosting-related ASNs”, threat actors initiated port scans, leveraged Impacket SMB tools for discovery,…
-
Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts
Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours”, dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication”, often originating from hosting-related ASNs”, threat actors initiated port scans, leveraged Impacket SMB tools for discovery,…
-
Akira Ransomware bypasses MFA on SonicWall VPNs
Akira ransomware is targeting SonicWall SSL VPNs, bypassing OTP MFA on accounts, likely using stolen OTP seeds. Since July 2025, Akira ransomware has exploited SonicWall SSL VPNs, likely using credentials obtained from the exploitation of the CVE-2024-40766 vulnerability, bypassing OTP MFA. Attacks spread quickly across sectors, with rapid post-login activity and short dwell times, making…
-
SonicWall SSL VPN Attacks Escalate, Bypassing MFA
Akira ransomware attacks on SonicWall SSL VPN appliances are bypassing its MFA for rapid deployment First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sonicwall-ssl-vpn-attacks-escalate/
-
Akira hackt SonicWall VPN-Konten (auch mit MFA-Absicherung)
Falls jemand SonicWall VPN als Zugang zu seinen IT-Netzwerken verwendet, aufgepasst. Es gibt Berichte, dass die Ransomware-Gruppe Akira SonicWall VPN-Konten angreift. Und die Gruppe ist wohl in der Lage, auch Konten zu knacken, die per Multifaktor-Authentifizierung (MFA) gesichert sind, wenn … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/29/akira-hackt-sonicwall-vpn-konten-auch-mit-mfa-absicherung/
-
Ransowmare: Akira umgeht MFA von SonicwallKonten
Die Cybererpresser melden sich erfolgreich bei vollständig gepatchten SSL-VPN-Firewalls an. First seen on golem.de Jump to article: www.golem.de/news/ransowmare-akira-umgeht-mfa-von-sonicwall-vpn-konten-2509-200593.html
-
Firezone: Open-source platform to securely manage remote access
Firezone is an open-source platform that helps organizations of any size manage secure remote access. Unlike most VPNs, it uses a least-privileged model, giving users only the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/29/firezone-open-source-secure-remote-access-management/
-
Firezone: Open-source platform to securely manage remote access
Firezone is an open-source platform that helps organizations of any size manage secure remote access. Unlike most VPNs, it uses a least-privileged model, giving users only the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/29/firezone-open-source-secure-remote-access-management/
-
Akira ransomware breaching MFA-protected SonicWall VPN accounts
Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully authenticating despite OTP MFA being enabled on accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/akira-ransomware-breaching-mfa-protected-sonicwall-vpn-accounts/
-
Meet LockBit 5.0: Faster ESXi drive encryption, better at evading detection
the Windows binary uses heavy obfuscation and packing: it loads its payload through DLL reflection while implementing anti-analysis techniques like Event Tracing for Windows (ETW) patching and terminating security services;the Linux variant maintains similar functionality with command-line options for targeting specific directories and file types;the ESXi variant specifically targets VMware virtualization environments, and is designed…
-
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-dayCISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
-
Resiliente Netzwerke: Sicherheit, die auch in Krisen trägt
Kurzfristige VPN-Erweiterungen lösen akute Probleme, können aber langfristig neue Risiken und Komplexität bringen. SASE bündelt Netzwerk- und Sicherheitsfunktionen in einer cloudbasierten Architektur. Ziel ist, Mitarbeitenden überall sicheren Zugriff zu ermöglichen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/resiliente-netzwerke-sicherheit-die-auch-in-krisen-traegt/a42164/
-
Resiliente Netzwerke: Sicherheit, die auch in Krisen trägt
Kurzfristige VPN-Erweiterungen lösen akute Probleme, können aber langfristig neue Risiken und Komplexität bringen. SASE bündelt Netzwerk- und Sicherheitsfunktionen in einer cloudbasierten Architektur. Ziel ist, Mitarbeitenden überall sicheren Zugriff zu ermöglichen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/resiliente-netzwerke-sicherheit-die-auch-in-krisen-traegt/a42164/