May 22, 2024 at 01:23PM The Intercontinental Exchange (ICE) has agreed to pay a $10 million penalty to settle charges by the SEC for failing to promptly report a 2021 VPN security breach. ICE, a Fortune 500 company, owns global financial exchanges and employs over 13,000 people. The breach, caused by suspected state hackers, exposed … Read more
April 16, 2024 at 12:14PM Cisco warns about a global large-scale brute force attack targeting VPN and SSH services on various devices. The attack involves a mix of valid and generic employee usernames, started on March 18, 2024, and uses anonymization tools. It targets a range of services and lacks a specific focus, with possible … Read more
April 11, 2024 at 08:25AM DuckDuckGo launched ‘Privacy Pro’, a new 3-in-1 subscription service including a VPN, personal data removal, and identity theft restoration. The company, known for its privacy focus, promises a strict no-logs policy for the VPN and provides services to minimize identity theft risks. However, the subscription is on the pricier side … Read more
April 8, 2024 at 10:54AM Researchers at the Shadowserver Foundation discovered thousands of internet-exposed Ivanti VPN appliances vulnerable to a recently disclosed CVE-2024-21894, enabling remote code execution. Ivanti released updates for this and other vulnerabilities, urging users to update instances. ShadowServer found over 16,000 affected Ivanti VPN instances, mostly in the US and Japan, with … Read more
March 27, 2024 at 10:54AM Numerous VPN apps turned Android devices into residential proxies and made their way into the Google Play store, containing a malicious library responsible for enrolling devices as proxy nodes and linked to Asocks, a residential proxy seller. The malicious functionality could be added to any APK through the LumiApps SDK. … Read more
March 15, 2024 at 01:18PM PornHub has added Texas to its blocklist in protest of age verification laws, preventing access to its site. The state’s age verification bill requires adult sites to confirm visitors’re 18 and display a health notice. The company calls for device-based age verification through operating systems, expressing concerns about privacy and … Read more
March 8, 2024 at 03:45AM Cisco has addressed a high-severity security flaw in its Secure Client software, known as CVE-2024-20337, which could be exploited for a VPN session with a targeted user. A successful exploit could permit an attacker to execute arbitrary script code in the browser. Another high-severity flaw in Secure Client for Linux, … Read more
March 1, 2024 at 08:57AM Five Eyes agencies warn of ongoing exploitation of Ivanti VPN flaws and encourage organizations to assume credentials have been compromised, hunt for malicious activity, use Ivanti’s Integrity Checker Tool, and apply patches. Ivanti releases enhanced ICT to detect new/changed files on affected appliances. Agencies offer IoCs, Yara rules, and incident … Read more
February 16, 2024 at 03:03AM The US CISA reported a state government network compromise due to a former employee’s admin account. The threat actor gained access via a virtual private network and obtained credentials from a separate breach. The incident highlighted the lack of multi-factor authentication and the need to secure privileged accounts. The attackers … Read more
February 9, 2024 at 04:09PM Ivanti announced patches for a high-severity vulnerability, CVE-2024-22024, affecting enterprise VPN and network access products. The XML external entity (XXE) issue in SAML component of Connect Secure, Policy Secure, and ZTA appliances could allow unauthorized access to restricted resources. Patches addressing the flaw were included in various versions. No evidence … Read more