vpn
Stealthy ‘Magic Packet’ malware targets Juniper VPN gateways
A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a “magic packet” in the network traffic. The J-magic attacks appear to target organizations in the semiconductor, energy, manufacturing (marine, solar panels, heavy machinery), and IT sectors. […]
IPany VPN breached in supply-chain attack to push custom malware
South Korean VPN provider IPany was breached in a supply chain attack by the “PlushDaemon” China-aligned hacking group, who compromised the company’s VPN installer to deploy the custom ‘SlowStepper’ malware. The hackers managed to infiltrate IPany’s development platform and insert its custom ‘SlowStepper’ backdoor on its installer (‘IPanyVPNsetup.exe’), which infected customer systems when the VPN was […]
Hackers leak configs and VPN credentials for 15,000 FortiGate devices
A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical information to other cybercriminals. The data was leaked by the “Belsen Group,” a new hacking group first appearing on social media and cybercrime […]
D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
D-Link is warning customers to replace end-of-life VPN router models after a critical unauthenticated, remote code execution vulnerability was discovered that will not be fixed on these devices. The flaw was discovered and reported to D-Link by security researcher ‘delsploit,’ but technical details have been withheld from the public to avoid triggering mass exploitation attempts in […]
Helldown ransomware exploits Zyxel VPN flaw to breach networks
The new ‘Helldown’ ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. French cybersecurity firm Sekoia is reporting this with medium confidence based on recent observations of Helldown attacks. Although not among the major players in the ransomware space, Helldown has quickly grown since […]
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client that steal credentials. The zero-day allows the threat actors to dump the credentials from memory after the user authenticated with the VPN device Volexity researchers report that they discovered this flaw earlier this summer and […]
Ukraine arrests rogue VPN operator providing access to Runet
Ukraine cyber police have arrested a 28-year-old man who operated a massive virtual private network (VPN) service, allowing people from within the country to access the Russian internet (Runet). Runet is the portion of the internet that includes Russian sites on the “.ru” and “.su” top-level domains, including government sites, social media platforms, search engines, and […]
Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server
Microsoft has officially deprecated the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in future versions of Windows Server, recommending admins switch to different protocols that offer increased security. For over 20 years, the enterprise has used the PPTP and L2TP VPN protocols to provide remote access to corporate networks and Windows servers. […]
Discord blocked in Russia and Turkey for spreading illegal content
Discord has been suddenly blocked in Russia and Turkey since yesterday due to illegal activity residing on the platform, leaving legitimate users in those countries unable to visit the website or connect to the service. While Discord started as a communication and community-building space for gamers, it has since expanded to include a broad spectrum […]
Microsoft Defender adds detection of unsecure Wi-Fi networks
Microsoft Defender now automatically detects and notifies users with a Microsoft 365 Personal or Family subscription when they’re connected to unsecured Wi-Fi networks. The Defender privacy protection feature (also known as Defender VPN) protects your privacy and security when connected to public Wi-Fi or an untrusted network, where your data and identity could be exposed […]