Tag: vpn
-
AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning
100-plus prebuilt tool recipes and a human-readable YAML-based extension system;Attack-chain graph, risk scoring, and “step-by-step replay”;Password-protected web user interfaces (UIs) and audit logs;A knowledge base with vector search, hybrid retrieval, and searchable archives;Vulnerability management with create, read, update, delete (CRUD) operations, severity tracking, status workflow, and statistics;Batch task management that can organize task queues and…
-
Hackers Exploit Telegram for Initial Access to Corporate VPN, RDP, and Cloud Systems
Tags: access, cloud, corporate, credentials, cyber, data-breach, exploit, hacker, marketplace, network, ransomware, vpnHackers are increasingly abusing Telegram as an initial access marketplace, turning stealer logs and leaked credentials into direct entry points for corporate VPN, RDP, and cloud environments. The platform now acts as a high-speed bridge between compromised credentials and full network compromise, supporting ransomware operators, Initial Access Brokers (IABs), and hacktivist collectives. Telegram hosts popular…
-
Hackers Launch Massive SonicWall Firewall Attack Using 4,000+ IP Addresses
Hackers are actively mapping SonicWall firewalls worldwide, launching more than 84,000 SonicOS scanning sessions from over 4,000 unique IP addresses in just four days to identify SSL VPN targets for future credential and vulnerability attacks. Three operationally distinct infrastructure clusters coordinated large-scale VPN enumeration, with 92% of all sessions hitting a single SonicOS REST API…
-
12 Million exposed .env files reveal widespread security failures
Mysterium VPN found 12M IPs exposing .env files, leaking credentials and revealing widespread security misconfigurations worldwide. Configuration mistakes rarely trigger alarms. A forgotten deny rule, an overlooked server setting, or a full project folder uploaded to production can quietly expose a company’s most sensitive secrets. In many cases, those secrets live inside simple environment files…
-
China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries
Tags: access, api, apt, china, cloud, communications, cyber, cyberespionage, data, defense, endpoint, espionage, google, government, group, hacker, infrastructure, intelligence, linux, mandiant, monitoring, network, phone, radius, service, spy, theft, threat, vpnHow Mandiant found it: The campaign came to light during a Mandiant Threat Defense investigation, when analysts flagged unusual activity on a CentOS server. A binary named xapt, designed to masquerade as the apt package manager on Debian-based Linux systems, had already escalated to root and was running shell commands to confirm its access level,…
-
Netzwerkverschlüsselung und Netzkopplung – Quantensicheres VPN-Gateway verbindet Standorte mit 100 Gbit/s
Tags: vpnFirst seen on security-insider.de Jump to article: www.security-insider.de/quantensicheres-vpn-gateway-verbindet-standorte-mit-100-gbits-a-d2a380b22dc3f0a1771571e84a436dc8/
-
IP Lookup for Enterprise Authentication: How to Use IP Reputation, VPN/Proxy Detection, and Risk-Based MFA
Learn how IP lookup, reputation checks, VPN detection, and risk-based MFA strengthen enterprise authentication and prevent fraud. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/ip-lookup-for-enterprise-authentication-how-to-use-ip-reputation-vpn-proxy-detection-and-risk-based-mfa/
-
The rise of the evasive adversary
Tags: access, ai, attack, authentication, breach, china, cloud, credentials, crime, crowdstrike, crypto, data, defense, endpoint, exploit, finance, firewall, group, identity, infrastructure, intelligence, korea, lazarus, leak, mail, malicious, malware, microsoft, monitoring, network, north-korea, open-source, phishing, ransomware, remote-code-execution, russia, saas, service, software, strategy, supply-chain, tactics, theft, threat, tool, update, vpn, vulnerability, windows, zero-dayBig game hunters tighten their grip: CrowdStrike’s research highlights how big game hunting (BGH) ransomware actors have remained the dominant force in the eCrime landscape.Punk Spider, a group responsible for developing and maintaining Russian-language Akira ransomware, and its associated Akira dedicated leak site, conducted 198 intrusions in 2025, a 134% increase year over year. Victim-shaming operations…
-
Russian group uses AI to exploit weakly-protected Fortinet firewalls, says Amazon
Tags: access, ai, api, attack, authentication, business, ciso, control, credentials, cybersecurity, data-breach, detection, exploit, firewall, fortinet, group, Internet, linkedin, malicious, mfa, monitoring, network, password, russia, software, threat, tool, vpn, vulnerabilityRecommendations: The Amazon report makes a number of recommendations to network admins with FortiGate devices. They include ensuring device management interfaces aren’t exposed to the internet, or, if they have to be, restricting access to known IP ranges and using a bastion host or out-of-band management network. As basic cybersecurity demands, all default and common…
-
VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report
Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN product, which allowed the hackers to gain access to 119 other unnamed organizations. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/23/vpn-flaws-allowed-chinese-hackers-to-compromise-dozens-of-ivanti-customers-says-report/
-
New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads
The stealer employs a broad data-theft toolkit: The researchers noted that the Python implementation acts as a wide-net data harvester. It collects system information, extracts browser-stored data, and pulls details from communication platforms, including Telegram and Discord. Additional modules target VPN configurations, retrieve selected files from the host, and can deliver other payloads, suggesting the…
-
Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers
Patch, but verify first: Unit 42 directed organizations to Ivanti’s security advisory for remediation guidance, which recommends applying version-specific RPM patches for EPMM 12.x branches that require no appliance downtime. Ivanti cautioned, however, that the patch does not survive a version upgrade and must be reinstalled if the software is updated. “The permanent fix for…
-
VPN in Microsoft Edge ist kein VPN
Ein Forscher hat sich das von Microsoft beworbene VPN-Feature in Edge angeschaut. Es werde dem Begriff VPN nicht gerecht. First seen on golem.de Jump to article: www.golem.de/news/browser-vpn-in-microsoft-edge-ist-kein-vpn-2602-205720.html
-
10 Passwordless-Optionen für Unternehmen
Um Passwörter hinter sich zu lassen, gibt es bessere Lösungen. Wir zeigen Ihnen zehn. Passwörter sind seit Jahrzehnten der Authentifizierungsstandard für Computersysteme, obwohl sie sich immer wieder aufs Neue als anfällig für diverse Cyberangriffsformen erwiesen haben und kompromittierte Benutzerkonten auf regelmäßiger Basis zum Einfallstor für kriminelle Hacker werden. Ein Mittel für CISOs, um diesem Problem…
-
Trump Eyes VPN-Enabled Freedom.gov to Skirt EU Content Bans
State Department Project Reportedly Aims To Counter Global Content Moderation Laws. The Trump administration is discussing the launch of an online portal allowing unfettered access to content restricted elsewhere by governments. The administration has chaffed, in particular, at the European Digital Services Act, which governs how platforms handle illegal content. First seen on govinfosecurity.com Jump…
-
(g+) Angriffe auf VPN und Fernzugänge: Warum 2026 zum Härtetest für Hybridarbeit wird
Fernzugänge sind 2026 eine der wichtigsten Angriffsflächen. Wir geben eine praxisnahe Checkliste für Schutz, Monitoring und Patch-Routine. First seen on golem.de Jump to article: www.golem.de/news/angriffe-auf-vpn-und-fernzugaenge-warum-2026-zum-haertetest-fuer-hybridarbeit-wird-2602-205564.html
-
Remote Access ohne IP – Zeroport will VPNs überflüssig machen
First seen on security-insider.de Jump to article: www.security-insider.de/zeroport-will-vpns-ueberfluessig-machen-a-ab9aced40c5022d33d26b3c65688fa12/
-
Millionen Chrome-Erweiterungen geben Browserverlauf preis
Eine Sicherheitslücke in beliebten Chrome-Erweiterungen führt dazu, dass der Browserverlauf der Anwender offengelegt ist.Ein Sicherheitsforscher mit dem Pseudonym ‘Q Continuum” hat 287 Chrome-Erweiterungen entdeckt, die den Browserverlauf exfiltrieren. ‘Die Akteure hinter den Lecks sind vielfältig: Similarweb, Curly Doggo, Offidocs, chinesische Akteure, viele kleinere, unbekannte Datenbroker sowie ein mysteriöses Unternehmen namens “šBig Star Labs’, das offenbar…
-
Carelessness versus craftsmanship in cryptography
Tags: access, advisory, api, attack, authentication, computing, credentials, cryptography, data, email, encryption, github, hacker, oracle, side-channel, software, threat, tool, update, vpn, vulnerabilityTwo popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of downstream projects. When we shared one of these bugs with an affected vendor, strongSwan, the maintainer provided a model response for security vendors. The…
-
Carelessness versus craftsmanship in cryptography
Tags: access, advisory, api, attack, authentication, computing, credentials, cryptography, data, email, encryption, github, hacker, oracle, side-channel, software, threat, tool, update, vpn, vulnerabilityTwo popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of downstream projects. When we shared one of these bugs with an affected vendor, strongSwan, the maintainer provided a model response for security vendors. The…
-
Spain orders NordVPN, ProtonVPN to block LaLiga piracy sites
Tags: vpnA Spanish court has granted precautionary measures against NordVPN and ProtonVPN, ordering the two popular VPN providers to block 16 websites that facilitate piracy of football matches. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/spain-orders-nordvpn-protonvpn-to-block-laliga-piracy-sites/
-
Businesses may be caught by government proposals to restrict VPN use
Labour proposals to restrict social media use to people aged 16 and under could have unintended consequences for businesses using virtual private networks First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639234/Businesses-may-be-caught-by-government-proposals-to-restrict-VPN-use
-
Russia Set to Block Telegram Access Nationwide from April 1
Russia is preparing to implement a nationwide block on Telegram starting April 1, 2026, according to reports from the Russian insider channel Baza. The move would make the messaging platform completely inaccessible without VPN technology, mirroring previous restrictions imposed on Instagram and Facebook in the country. Roskomnadzor, Russia’s telecommunications regulator, has neither confirmed nor denied…
-
Adblock Filters Expose User Location Even With VPN Protection
A new fingerprinting technique called >>Adbleed<< reveals that VPN users aren't as anonymous as they think. While VPNs hide your IP address and encrypt traffic, they can't conceal which country-specific adblock filter lists are installed in your browser and that's enough to expose your location. How Adblockers Create a Privacy Leak Most adblockers like uBlock…
-
Microsoft Patches Windows Flaw Causing VPN Disruptions
Microsoft patches CVE-2026-21525, an actively exploited RasMan flaw that can crash Windows VPN services and disrupt remote access. The post Microsoft Patches Windows Flaw Causing VPN Disruptions appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-rasman-cve-vpn/
-
FortiOS Authentication Bypass Exposes VPN and SSO Deployments
Fortinet disclosed a FortiOS flaw that could allow LDAP authentication bypass for VPN and SSO access. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fortios-authentication-bypass-exposes-vpn-and-sso-deployments/
-
FortiOS Authentication Bypass Exposes VPN and SSO Deployments
Fortinet disclosed a FortiOS flaw that could allow LDAP authentication bypass for VPN and SSO access. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fortios-authentication-bypass-exposes-vpn-and-sso-deployments/
-
Firewalls und mehr: Fast 4.000 deutsche Edge-Devices hängen ohne Support im Netz
Deutsche Organisationen betreiben Tausende angreifbarer Edge-Devices wie Firewalls und VPN-Appliances. Es besteht dringender Handlungsbedarf. First seen on golem.de Jump to article: www.golem.de/news/firewalls-und-mehr-fast-4-000-deutsche-edge-devices-haengen-ohne-support-im-netz-2602-205159.html
-
Over 5 Million Misconfigured Git Web Servers Found Exposing Secrets Online
A massive widespread vulnerability in web server configurations has left millions of websites open to data theft and unauthorised takeover. A new 2026 study conducted by the Mysterium VPN research team reveals that nearly 5 million web servers worldwide are publicly exposing their .git repository metadata. The Scale of the Leak The research scanned the internet for…
-
Poland’s energy control systems were breached through exposed VPN access
On 29 December 2025, coordinated cyberattacks unfolded across Poland’s critical infrastructure, targeting energy and industrial organizations. The attackers struck numerous … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/poland-cyberattacks-energy-sector-industrial-organizations/