brute-force - Security Ticks

SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations

brute-force, firewall, Network Security, password, password reset, SonicWall / SecurityTicks

SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations 2025-09-18 at 13:33 By Ionut Arghire The company sent a new preferences file to less than 5% of customers, urging them to import it into firewalls and reset their passwords. The post SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations appeared first on SecurityWeek. This […]

React to this headline:

SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations Read More »

Brute-force attacks hammer Fortinet devices worldwide

brute-force, Don't miss, exploit, firewall, Fortinet, GreyNoise, Hot stuff, News / SecurityTicks

Brute-force attacks hammer Fortinet devices worldwide 2025-08-14 at 17:05 By Zeljka Zorz A surge in brute-force attempts targeting Fortinet SSL VPNs that was spotted earlier this month could be a portent of imminent attacks leveraging currently undisclosed (potentially zero-day) vulnerabilities in Fortinet devices. Shifting attacks Greynoise, a cybersecurity intelligence service that through its global network

React to this headline:

Brute-force attacks hammer Fortinet devices worldwide Read More »

Researchers warn of ongoing Entra ID account takeover campaign

account hijacking, account protection, brute-force, Don't miss, Hot stuff, Microsoft Entra ID, News, penetration testing, Proofpoint / SecurityTicks

Researchers warn of ongoing Entra ID account takeover campaign 2025-06-12 at 19:50 By Zeljka Zorz Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have discovered. “Proofpoint’s research indicates that while simulated intrusions using TeamFiltration date back nearly to the tool’s initial release

React to this headline:

Researchers warn of ongoing Entra ID account takeover campaign Read More »

Faraway Russian hackers breached US organization via Wi-Fi

APT, brute-force, credentials, Don't miss, enterprise, government-backed attacks, Hot stuff, MFA, News, Russian Federation, wireless / SecurityTicks

Faraway Russian hackers breached US organization via Wi-Fi 2024-11-25 at 19:03 By Zeljka Zorz Forest Blizzard, a threat group associated with Russia’s GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems of nearby firms, which they leveraged to authenticate to the target’s enterprise Wi-Fi network. The repeated attacks Volexity, a company

React to this headline:

Faraway Russian hackers breached US organization via Wi-Fi Read More »

Exploited: Cisco, SharePoint, Chrome vulnerabilities

brute-force, Chrome, CISA, Cisco, Don't miss, enterprise, exploit, Hot stuff, Kaspersky, News, PoC, SharePoint, vulnerability / SecurityTicks

Exploited: Cisco, SharePoint, Chrome vulnerabilities 2024-10-25 at 13:33 By Zeljka Zorz Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few days, Cisco has released fixes for a slew of vulnerabilities affecting the software powering its

React to this headline:

Exploited: Cisco, SharePoint, Chrome vulnerabilities Read More »

Hackers breaching construction firms via specialized accounting software

brute-force, credentials, Don't miss, enterprise, Hot stuff, Huntress, News, privileged accounts, SMBs / SecurityTicks

Hackers breaching construction firms via specialized accounting software 2024-09-18 at 17:16 By Zeljka Zorz Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. “We’re seeing active intrusions among plumbing, HVAC, concrete, and similar sub-industries,” they noted. A way into corporate networks Ohio-based Foundation

React to this headline:

Hackers breaching construction firms via specialized accounting software Read More »

PostgreSQL databases under attack

Aqua Security, brute-force, Cloud, cryptojacking, Don't miss, Hot stuff, Linux, Malware, News, PostgreSQL, tips / SecurityTicks

PostgreSQL databases under attack 2024-08-21 at 16:16 By Zeljka Zorz Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access credentials. Once access is achieved, the threat actor: Creates a new

React to this headline:

PostgreSQL databases under attack Read More »

Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks

brute-force, Malware & Threats, VPN / SecurityTicks

Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks 2024-04-17 at 17:01 By Ionut Arghire Cisco has observed an increase in brute-force attacks targeting web application authentication, VPNs, and SSH services. The post Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks Read More »

Microsoft: Russian hackers accessed internal systems, code repositories

account hijacking, APT, brute-force, Don't miss, government-backed attacks, Hot stuff, IBM X-Force, Microsoft, News / SecurityTicks

Microsoft: Russian hackers accessed internal systems, code repositories 2024-03-11 at 14:14 By Zeljka Zorz Midnight Blizzard (aka APT29), a group of Russian hackers tied to the country’s Foreign Intelligence Service (SVR), has leveraged information stolen from Microsoft corporate email systems to burrow into the company’s source code repositories and internal systems. “It is apparent that

React to this headline:

Microsoft: Russian hackers accessed internal systems, code repositories Read More »

Hackers are targeting exposed MS SQL servers with Mimic ransomware

brute-force, Don't miss, Hot stuff, MS SQL Server, News, Ransomware, Securonix, Trend Micro / SecurityTicks

Hackers are targeting exposed MS SQL servers with Mimic ransomware 2024-01-10 at 17:01 By Helga Labus Hackers are brute-forcing exposed MS SQL database servers to deliver Mimic ransomware, Securonix researchers are warning. About Mimic ransomware Mimic ransomware was first spotted in the wild in June 2022 and analyzed by Trend Micro researchers in January 2023.

React to this headline:

Hackers are targeting exposed MS SQL servers with Mimic ransomware Read More »

Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)

brute-force, Cisco, Don't miss, Hot stuff, News, Rapid7, vulnerability / SecurityTicks

Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269) 08/09/2023 at 14:02 By Zeljka Zorz A vulnerability (CVE-2023-20269) in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls is being exploited by attackers to gain access to vulnerable internet-exposed devices. “This vulnerability was found during the resolution of a Cisco TAC support case,”

React to this headline:

Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269) Read More »

Cybercriminals target MS SQL servers to deliver ransomware

brute-force, Don't miss, Hot stuff, Microsoft, MS SQL Server, News, Ransomware / SecurityTicks

Cybercriminals target MS SQL servers to deliver ransomware 06/09/2023 at 16:02 By Helga Labus A cyberattack campaign is targeting exposed Microsoft SQL (MS SQL) databases, aiming to deliver ransomware and Cobalt Strike payloads. The attack campaign The attackers target exposed MS SQL servers by brute-forcing access credentials. After having successfully authenticated, they start enumerating the

React to this headline:

Cybercriminals target MS SQL servers to deliver ransomware Read More »

Cisco VPNs with no MFA enabled hit by ransomware groups

Arctic Wolf Networks, brute-force, Cisco, Don't miss, enterprise, Hot stuff, MFA, News, Ransomware, Rapid7, SMBs, VPN / SecurityTicks

Cisco VPNs with no MFA enabled hit by ransomware groups 31/08/2023 at 14:46 By Zeljka Zorz Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances. “In some cases, adversaries have conducted credential stuffing attacks that leveraged weak or default

React to this headline:

Cisco VPNs with no MFA enabled hit by ransomware groups Read More »

LinkedIn users targeted in account hijacking campaign

account hijacking, brute-force, Don't miss, hacking, Hot stuff, LinkedIn, News / SecurityTicks

LinkedIn users targeted in account hijacking campaign 16/08/2023 at 17:03 By Helga Labus LinkedIn users are being targeted in an ongoing account hijacking campaign, are getting locked out of their accounts; the hacked accounts are held for ransom. Users discussing their compromised LinkedIn accounts. (Source: Cyberint) The LinkedIn account hijacking campaign The Cyberint research team

React to this headline:

LinkedIn users targeted in account hijacking campaign Read More »