Tag: vpn
-
SonicWall SSL VPN Devices Targeted by Threat Actors to Distribute Akira Ransomware
A significant uptick in Akira ransomware attacks has been observed exploiting unpatched SonicWall SSL VPN devices between July and August 2025. Despite a patch release the same day, many organizations remained vulnerable, allowing threat actors to gain initial access and deploy Akira’s double-extortion scheme. On August 20, 2025, Darktrace detected anomalous network scanning and reconnaissance…
-
SonicWall SSL VPN Devices Targeted by Threat Actors to Distribute Akira Ransomware
A significant uptick in Akira ransomware attacks has been observed exploiting unpatched SonicWall SSL VPN devices between July and August 2025. Despite a patch release the same day, many organizations remained vulnerable, allowing threat actors to gain initial access and deploy Akira’s double-extortion scheme. On August 20, 2025, Darktrace detected anomalous network scanning and reconnaissance…
-
SonicWall SSL VPN Devices Targeted by Threat Actors to Distribute Akira Ransomware
A significant uptick in Akira ransomware attacks has been observed exploiting unpatched SonicWall SSL VPN devices between July and August 2025. Despite a patch release the same day, many organizations remained vulnerable, allowing threat actors to gain initial access and deploy Akira’s double-extortion scheme. On August 20, 2025, Darktrace detected anomalous network scanning and reconnaissance…
-
LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions
Tags: access, attack, breach, control, credentials, cybercrime, data, firewall, group, infrastructure, law, leak, lockbit, network, ransomware, service, technology, vpnCritical infrastructure declared fair game: As part of LockBit’s return announcement, the group revealed that critical infrastructure sectors previously considered off-limits would now be permissible targets for its affiliates. “It is permissible to attack critical infrastructure such as nuclear power plants, thermal power plants, hydroelectric power plants, and other similar organizations,” the group stated, according…
-
LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions
Tags: access, attack, breach, control, credentials, cybercrime, data, firewall, group, infrastructure, law, leak, lockbit, network, ransomware, service, technology, vpnCritical infrastructure declared fair game: As part of LockBit’s return announcement, the group revealed that critical infrastructure sectors previously considered off-limits would now be permissible targets for its affiliates. “It is permissible to attack critical infrastructure such as nuclear power plants, thermal power plants, hydroelectric power plants, and other similar organizations,” the group stated, according…
-
So verändert SASE die Cybersicherheit
Angesichts rasant steigender Cyberangriffe und wachsender Vernetzung scheint die klassische Defense-in-Depth-Strategie an ihre Grenzen zu stoßen. Unternehmen setzen heute auf zahlreiche Einzellösungen Firewalls, VPNs, SWG, CASB etc. doch die Koordination untereinander funktioniert selten reibungslos. Das Ergebnis: Transparenzlücken, unübersichtliche Tools, widersprüchliche Richtlinien, langsame Reaktion und hohe Kosten. Secure-Access-Service-Edge (SASE) wird in diesem Kontext als […] First…
-
AWS Client VPN for macOS Hit by Critical Privilege Escalation Vulnerability
Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during log rotation. CVE ID Affected Products Impact Exploit Prerequisites CVSS 3.1 Score CVE-2025-11462 AWS Client VPN Client…
-
AWS Client VPN for macOS Hit by Critical Privilege Escalation Vulnerability
Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during log rotation. CVE ID Affected Products Impact Exploit Prerequisites CVSS 3.1 Score CVE-2025-11462 AWS Client VPN Client…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less First Malicious MCP in the Wild: The Postmark Backdoor That’s Stealing Your Emails EvilAI Operators Use AI-Generated Code…
-
New Study Warns Several Free iOS and Android VPN Apps Leak Data
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these ‘privacy’ tools are actually major security risks, especially for BYOD environments. First seen on hackread.com Jump to article: hackread.com/studyfree-ios-android-vpn-apps-leak-data/
-
Hundreds of Free VPN Apps Expose Android and iOS Users’ Personal Data
Virtual Private Networks (VPNs) are trusted by millions to protect privacy, secure communications, and enable remote access on their mobile devices. But what if the very apps designed to safeguard your data are riddled with dangerous security flaws that expose the exact information they promise to protect? A comprehensive security and privacy analysis by Zimperium…
-
Free VPN Apps Found Riddled With Security Flaws
A new study by Zimperium has revealed serious risks in free VPN apps, exposing users to privacy threats and security flaws First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/free-vpn-apps-security-flaws/
-
Free VPN Apps Found Riddled With Security Flaws
A new study by Zimperium has revealed serious risks in free VPN apps, exposing users to privacy threats and security flaws First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/free-vpn-apps-security-flaws/
-
Sicherer Fernzugriff neu gedacht – Warum Zero Trust Network Access das klassische VPN ablöst
First seen on security-insider.de Jump to article: www.security-insider.de/zero-trust-abloesung-vpn-a-810f1aa6f42690a1c2b38816ba3f4505/
-
Android malware uses VNC to give attackers hands-on access
A new Android banking and remote access trojan (RAT) dubbed Klopatra disguised as an IPTV and VPN app has infected more than 3,000 devices across Europe. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-malware-uses-vnc-to-give-attackers-hands-on-access/
-
Afghanistan plunged into nationwide internet blackout, disrupting air travel, medical care
The shutdown, confirmed by internet monitoring groups NetBlocks, Kentik and Proton VPN, began late Monday and continued into Tuesday, affecting both mobile and fixed-line services. Telephone networks were also disrupted. First seen on therecord.media Jump to article: therecord.media/afghanistan-plunged-into-nationwide-internet-blackout
-
Akira Hits SonicWall VPNs in Broad Ransomware Campaign
Akira ransomware actors are currently targeting SonicWall firewall customers vulnerable to a bug discovered last year. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/akira-sonicwall-vpns-broad-ransomware-campaign
-
Surging Threats, Complexity Means VPNs Are On Their Way Out: Experts
The continuing intensification of attacks targeting VPNs and the complexities of hybrid IT environments are accelerating the shift away from the technology and toward cloud-based alternatives such as zero trust network access (ZTNA), experts told CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2025/surging-threats-complexity-means-vpns-are-on-their-way-out-experts
-
Gone in 60 Minutes: Akira Defeats MFA for SonicWall SSL VPNs
‘Opportunistic, Mass Exploitation’ Campaign Surging, Say Cybersecurity Researchers. Attackers wielding Akira ransomware appear to be engaged in an opportunistic, mass exploitation of SonicWall SSL VPN servers, even when they’re using the latest firmware and configured to require multifactor authentication one-time passwords, warn cybersecurity researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/gone-in-60-minutes-akira-defeats-mfa-for-sonicwall-ssl-vpns-a-29590
-
Akira ransomware: From SonicWall VPN login to encryption in under four hours
Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their systems, Arctic Wolf researchers have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/29/akira-ransomware-sonicwall-vpn/
-
Chinese hackers breached critical infrastructure globally using enterprise network gear
Tags: access, backdoor, breach, business, china, communications, control, cve, defense, exploit, framework, germany, government, group, hacker, infrastructure, Internet, korea, law, malware, military, monitoring, network, open-source, penetration-testing, programming, service, threat, tool, update, vpn, vulnerability72-hour vulnerability exploitation window: RedNovember demonstrated the ability to weaponize newly disclosed vulnerabilities faster than most organizations could deploy patches, researchers found. When researchers published proof-of-concept code for Check Point VPN vulnerability CVE-2024-24919 on May 30, 2024, RedNovember was attacking vulnerable systems by June 3.That campaign hit at least 60 organizations across Brazil, Germany, Japan,…
-
Kampagne mit Ransomware Akira zielt auf Sonicwall-VPNs ab
Ende Juli 2025 hat Arctic Wolf Labs, das Threat-Research-Team von Arctic Wolf, eine Reihe von Angriffen beobachtet, bei denen verdächtige -Aktivitäten aufgetreten sind. Hierbei folgten auf unberechtigte Anmeldungen innerhalb weniger Minuten Port-Scans, Impacket-SMB-Aktivitäten und die schnelle Verbreitung der Akira-Ransomware. Die betroffenen Unternehmen sind aus verschiedenen Branchen und weisen unterschiedliche Größen auf, was auf eine opportunistische Herangehensweise…
-
Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts
Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours”, dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication”, often originating from hosting-related ASNs”, threat actors initiated port scans, leveraged Impacket SMB tools for discovery,…
-
Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts
Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours”, dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication”, often originating from hosting-related ASNs”, threat actors initiated port scans, leveraged Impacket SMB tools for discovery,…
-
Akira Ransomware bypasses MFA on SonicWall VPNs
Akira ransomware is targeting SonicWall SSL VPNs, bypassing OTP MFA on accounts, likely using stolen OTP seeds. Since July 2025, Akira ransomware has exploited SonicWall SSL VPNs, likely using credentials obtained from the exploitation of the CVE-2024-40766 vulnerability, bypassing OTP MFA. Attacks spread quickly across sectors, with rapid post-login activity and short dwell times, making…
-
SonicWall SSL VPN Attacks Escalate, Bypassing MFA
Akira ransomware attacks on SonicWall SSL VPN appliances are bypassing its MFA for rapid deployment First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sonicwall-ssl-vpn-attacks-escalate/
-
Akira hackt SonicWall VPN-Konten (auch mit MFA-Absicherung)
Falls jemand SonicWall VPN als Zugang zu seinen IT-Netzwerken verwendet, aufgepasst. Es gibt Berichte, dass die Ransomware-Gruppe Akira SonicWall VPN-Konten angreift. Und die Gruppe ist wohl in der Lage, auch Konten zu knacken, die per Multifaktor-Authentifizierung (MFA) gesichert sind, wenn … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/29/akira-hackt-sonicwall-vpn-konten-auch-mit-mfa-absicherung/