Product showcase: Go beyond VPNs and Tor with NymVPN 2025-05-13 at 16:01 By Help Net Security If you care about online privacy, you probably already know: Centralized VPNs and even Tor aren’t enough anymore. Traditional VPNs require you to trust a single company with your internet activity. Even if they promise “no logs,” you’re still […]
React to this headline:
Product showcase: Go beyond VPNs and Tor with NymVPN Read More »
Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) 2025-05-08 at 15:38 By Zeljka Zorz SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete vulnerability that was exploited in zero-day attacks in early 2021, and may have also
React to this headline:
Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) Read More »
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle 2025-04-11 at 21:05 By Ryan Naraine The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices. The post Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle appeared first on SecurityWeek. This
React to this headline:
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle Read More »
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) 2025-04-03 at 21:01 By Zeljka Zorz A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances running Ivanti Connect Secure (ICS) 22.7R2.5 or earlier or Pulse Connect Secure 9.1x. The vulnerability
React to this headline:
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) Read More »
Attackers are probing Palo Alto Networks GlobalProtect portals 2025-04-01 at 14:21 By Zeljka Zorz Cybersecurity company GreyNoise is warning about a significant increase of scanning activity targeting internet-facing Palo Alto Networks GlobalProtect portals in the last 30 days, and has urged organizations with exposed systems to secure them and look for signs of compromise. “The
React to this headline:
Attackers are probing Palo Alto Networks GlobalProtect portals Read More »
China-aligned PlushDaemon APT compromises supply chain of Korean VPN 2025-01-22 at 08:04 By Help Net Security ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this cyberespionage campaign, the attackers compromised the legitimate installer, replacing it with a malicious
React to this headline:
China-aligned PlushDaemon APT compromises supply chain of Korean VPN Read More »
Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) 2025-01-09 at 14:23 By Zeljka Zorz The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant researchers have shared. It’s still impossible to say whether they were mounted by a single threat actor, but the
React to this headline:
Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) Read More »
Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) 2025-01-08 at 21:49 By Zeljka Zorz Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances. About CVE-2025-0282 and CVE-2025-0283 Both are stack-based buffer overflow
React to this headline:
Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Read More »
Researchers reveal exploitable flaws in corporate VPN clients 2024-11-26 at 17:33 By Zeljka Zorz Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute code on users’ devices. CVE-2024-5921 CVE-2024-5921 affects various versions of Palo Alto’s GlobalProtect App on
React to this headline:
Researchers reveal exploitable flaws in corporate VPN clients Read More »
Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains 2024-08-12 at 19:01 By Ryan Naraine The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks. The post Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
React to this headline:
Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains Read More »
Port Shadow Attack Allows VPN Traffic Interception, Redirection 2024-07-18 at 16:01 By Eduard Kovacs Researchers show how the Port Shadow technique against VPNs can allow MitM attacks, enabling threat actors to intercept and redirect traffic. The post Port Shadow Attack Allows VPN Traffic Interception, Redirection appeared first on SecurityWeek. This article is an excerpt from
React to this headline:
Port Shadow Attack Allows VPN Traffic Interception, Redirection Read More »
PoC Published for Exploited Check Point VPN Vulnerability 2024-06-03 at 15:46 By Ionut Arghire PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances. The post PoC Published for Exploited Check Point VPN Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed
React to this headline:
PoC Published for Exploited Check Point VPN Vulnerability Read More »
Check Point VPN Attacks Involve Zero-Day Exploited Since April 2024-05-30 at 12:46 By Eduard Kovacs The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords. The post Check Point VPN Attacks Involve Zero-Day Exploited Since April appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
Check Point VPN Attacks Involve Zero-Day Exploited Since April Read More »
Attackers are probing Check Point Remote Access VPN devices 2024-05-28 at 12:46 By Zeljka Zorz Attackers are trying to gain access to Check Point VPN devices via local accounts protected only by passwords, the company has warned on Monday. Their ultimate goal is to use that access to discover and pivot to other enterprise assets
React to this headline:
Attackers are probing Check Point Remote Access VPN devices Read More »
Check Point VPN Targeted for Initial Access in Enterprise Attacks 2024-05-28 at 12:31 By Eduard Kovacs Check Point is warning customers that threat actors are targeting insecure VPN instances for initial access to enterprise networks. The post Check Point VPN Targeted for Initial Access in Enterprise Attacks appeared first on SecurityWeek. This article is an
React to this headline:
Check Point VPN Targeted for Initial Access in Enterprise Attacks Read More »
New ‘TunnelVision’ Technique Leaks Traffic From Any VPN System 2024-05-08 at 17:01 By Ionut Arghire A new VPN bypass technique allows threat actors to snoop on victims’ traffic by forcing it off the VPN tunnel using built-in features of DHCP. The post New ‘TunnelVision’ Technique Leaks Traffic From Any VPN System appeared first on SecurityWeek.
React to this headline:
New ‘TunnelVision’ Technique Leaks Traffic From Any VPN System Read More »
Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661) 2024-05-08 at 16:31 By Zeljka Zorz Researchers have brought to light a new attack method – dubbed TunnelVision and uniquely identified as CVE-2024-3661 – that can be used to intercept and snoop on VPN users’ traffic by attackers who are on the same
React to this headline:
Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661) Read More »
56% of cyber insurance claims originate in the email inbox 2024-04-25 at 13:01 By Help Net Security 56% of all 2023 claims were a result of funds transfer fraud (FTF) or business email compromise (BEC), highlighting the importance of email security as a critical aspect of cyber risk management, according to Coalition. The 2024 Cyber
React to this headline:
56% of cyber insurance claims originate in the email inbox Read More »
Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks 2024-04-17 at 17:01 By Ionut Arghire Cisco has observed an increase in brute-force attacks targeting web application authentication, VPNs, and SSH services. The post Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks Read More »
Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability 2024-04-08 at 18:01 By Ionut Arghire Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution. The post Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability appeared first on SecurityWeek. This
React to this headline:
Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability Read More »