Tag: vpn
-
WatchGuard VPN Flaw Allows Remote Attackers to Execute Arbitrary Code
A critical security vulnerability has been discovered in WatchGuard Firebox appliances that could allow remote attackers to execute arbitrary code without authentication. The flaw, identified as CVE-2025-9242, affects the IKEv2 VPN service and has been assigned a severity score of 9.3 under CVSS 4.0, marking it as a critical threat to organizations using these security…
-
Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices
Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute arbitrary code.The vulnerability, tracked as CVE-2025-9242 (CVSS score: 9.3), is described as an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including First seen on…
-
Firefox VPN soll den Datenschutz kostenlos optimieren
Mozilla will mit Firefox VPN einen kostenlosen VPN-Dienst in den eigenen Browser integrieren. Man sucht dafür nach freiwilligen Betatestern. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/firefox-vpn-soll-den-datenschutz-kostenlos-verbessern-321852.html
-
Firefox VPN soll den Datenschutz kostenlos optimieren
Mozilla will mit Firefox VPN einen kostenlosen VPN-Dienst in den eigenen Browser integrieren. Man sucht dafür nach freiwilligen Betatestern. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/firefox-vpn-soll-den-datenschutz-kostenlos-verbessern-321852.html
-
Malicious Ivanti VPN Client Sites in Google Search Deliver Malware, Users Warned
Cybersecurity researchers at Zscaler have uncovered a sophisticated malware campaign that exploits search engine optimization (SEO) poisoning to distribute a trojanized version of the Ivanti Pulse Secure VPN client, targeting unsuspecting users seeking legitimate software downloads. The Zscaler Threat Hunting team recently detected a surge in malicious activity leveraging SEO manipulation, primarily targeting Bing search…
-
Malicious Ivanti VPN Client Sites in Google Search Deliver Malware, Users Warned
Cybersecurity researchers at Zscaler have uncovered a sophisticated malware campaign that exploits search engine optimization (SEO) poisoning to distribute a trojanized version of the Ivanti Pulse Secure VPN client, targeting unsuspecting users seeking legitimate software downloads. The Zscaler Threat Hunting team recently detected a surge in malicious activity leveraging SEO manipulation, primarily targeting Bing search…
-
Malicious Ivanti VPN Client Sites in Google Search Deliver Malware, Users Warned
Cybersecurity researchers at Zscaler have uncovered a sophisticated malware campaign that exploits search engine optimization (SEO) poisoning to distribute a trojanized version of the Ivanti Pulse Secure VPN client, targeting unsuspecting users seeking legitimate software downloads. The Zscaler Threat Hunting team recently detected a surge in malicious activity leveraging SEO manipulation, primarily targeting Bing search…
-
BlackSuit Ransomware Breaches Corporate Network Using Single Compromised VPN Credential
Tags: access, attack, breach, corporate, credentials, cyber, cybercrime, encryption, group, network, ransomware, threat, vpnA major manufacturing company fell victim to a swift and devastating ransomware attack after threat actors gained access using just one set of stolen VPN credentials. The attack, carried out by the cybercrime group Ignoble Scorpius, culminated in widespread encryption of virtual machines and brought critical operations to a halt. The Initial Compromise The breach…
-
BlackSuit Ransomware Breaches Corporate Network Using Single Compromised VPN Credential
Tags: access, attack, breach, corporate, credentials, cyber, cybercrime, encryption, group, network, ransomware, threat, vpnA major manufacturing company fell victim to a swift and devastating ransomware attack after threat actors gained access using just one set of stolen VPN credentials. The attack, carried out by the cybercrime group Ignoble Scorpius, culminated in widespread encryption of virtual machines and brought critical operations to a halt. The Initial Compromise The breach…
-
Mozilla is recruiting beta testers for a free, baked-in Firefox VPN
Lucky few randomly selected to trial the feature, which won’t fully roll out for several months First seen on theregister.com Jump to article: www.theregister.com/2025/10/14/mozilla_firefox_vpn_beta/
-
3 Best VPN for iPhone (2025), Tested and Reviewed
There are dozens of iPhone VPNs at your disposal, but these are the services that will actually keep your browsing safe. First seen on wired.com Jump to article: www.wired.com/gallery/best-vpn-for-iphone/
-
3 Best VPN for iPhone (2025), Tested and Reviewed
There are dozens of iPhone VPNs at your disposal, but these are the services that will actually keep your browsing safe. First seen on wired.com Jump to article: www.wired.com/gallery/best-vpn-for-iphone/
-
SonicWall VPNs face a breach of their own after the September cloud-backup fallout
What defenders should watch out for: Huntress highlighted that, in a few cases, successful SSLVPN authentication was followed by internal reconnaissance traffic or access attempts to Windows administrative accounts. Additionally, logins originating from a single recurring public IP may suggest a coordinated campaign rather than random credential reuse.On top of the steps outlined in SonicWall’s…
-
North Korean IT Workers Use VPNs and Laptop Farms to Evade Identity Verification
In a sprawling network of covert remote labor, more than 10,000 North Korean IT professionals have infiltrated global technology and freelance marketplaces by exploiting VPNs, virtual private servers (VPS), and so-called “laptop farms” to conceal their true origins. State-backed cyber units employ these operatives to generate revenue for sanctioned weapons programs and gather intelligence across…
-
SonicWall VPN accounts breached using stolen creds in widespread attacks
Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-vpn-accounts-breached-using-stolen-creds-in-widespread-attacks/
-
New Stealit Malware Campaign Spreads via VPN and Game Installer Apps
A new campaign distributing the Stealit infostealer employs previously unknown malware delivery techniques and infrastructure First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-stealit-malware-campaign-vpn/
-
New Stealit Malware Campaign Spreads via VPN and Game Installer Apps
A new campaign distributing the Stealit infostealer employs previously unknown malware delivery techniques and infrastructure First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-stealit-malware-campaign-vpn/
-
Security Misconfigurations: The Future Disaster That’s Staring You in the Face
Misconfigurations”, not hackers”, cause many cyber breaches. Learn how IP restrictions, VPNs, and new AI protocols like MCP can expose hidden security gaps. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/security-misconfigurations-the-future-disaster-thats-staring-you-in-the-face/
-
Stealit Malware spreads via fake game VPN installers on Mediafire and Discord
Stealit malware abuses Node.js SEA and Electron to spread via fake game and VPN installers shared on Mediafire and Discord. Fortinet FortiGuard Labs researchers spotted Stealit malware campaign abusing Node.js Single Executable Application (SEA) and sometimes Electron to spread via fake game and VPN installers on Mediafire and Discord. Fortinet uncovered the campaign while investigating…
-
Stealit Malware spreads via fake game VPN installers on Mediafire and Discord
Stealit malware abuses Node.js SEA and Electron to spread via fake game and VPN installers shared on Mediafire and Discord. Fortinet FortiGuard Labs researchers spotted Stealit malware campaign abusing Node.js Single Executable Application (SEA) and sometimes Electron to spread via fake game and VPN installers on Mediafire and Discord. Fortinet uncovered the campaign while investigating…
-
SonicWall SSLVPN Targeted After Hackers Breach All Customer Firewall Backups
Cybersecurity researchers at Huntress have detected a widespread attack campaign targeting SonicWall SSL VPN devices across multiple customer environments, with over 100 accounts compromised since early October. The attacks appear coordinated and sophisticated, with threat actors rapidly authenticating into multiple accounts using what appears to be valid credentials rather than brute-force techniques. Cyber breach alert…
-
SonicWall SSLVPN Targeted After Hackers Breach All Customer Firewall Backups
Cybersecurity researchers at Huntress have detected a widespread attack campaign targeting SonicWall SSL VPN devices across multiple customer environments, with over 100 accounts compromised since early October. The attacks appear coordinated and sophisticated, with threat actors rapidly authenticating into multiple accounts using what appears to be valid credentials rather than brute-force techniques. Cyber breach alert…
-
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts.”Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileged Active Directory account named, ‘serviceaccount,’” eSentire said in a technical report published First seen on thehackernews.com…
-
Attackers exploit valid logins in SonicWall SSL VPN compromise
Huntress warns of widespread SonicWall SSL VPN breaches, with attackers using valid credentials to access multiple accounts rapidly. Cybersecurity firm Huntress warned of a widespread compromise of SonicWall SSL VPNs, with threat actors using valid credentials to access multiple customer accounts rapidly. >>As of October 10, Huntress has observed widespread compromise of SonicWall SSLVPN devices…
-
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts
Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL VPN devices to access multiple customer environments.”Threat actors are authenticating into multiple accounts rapidly across compromised devices,” it said. “The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing.”A significant chunk of First seen…
-
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts
Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL VPN devices to access multiple customer environments.”Threat actors are authenticating into multiple accounts rapidly across compromised devices,” it said. “The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing.”A significant chunk of First seen…
-
Stealit Malware Using Node.js to Hide in Fake Game and VPN Installers
Fortinet warns of Stealit, a MaaS infostealer, now targeting Windows systems and evading detection by using Node.js’s SEA feature while hiding in fake game and VPN installers. First seen on hackread.com Jump to article: hackread.com/stealit-malware-node-js-fake-game-vpn-installers/
-
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA) feature as a way to distribute its payloads.According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It’s assessed that the malware is being propagated through First…
-
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA) feature as a way to distribute its payloads.According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It’s assessed that the malware is being propagated through First…
-
Chaosbot Using CiscoVPN and Active Directory Passwords for Network Commands
Adversaries have once again demonstrated that operational hours are irrelevant when mounting sophisticated cyberattacks. eSentire’s TRU team first observed suspicious activity within a financial services customer’s environment when legitimate CiscoVPN logins coincided with anomalous WMI calls to multiple endpoints. Investigation revealed that an Active Directory account named “serviceaccount” had been abused alongside the VPN access,…