March 27, 2024 at 10:54AM Numerous VPN apps turned Android devices into residential proxies and made their way into the Google Play store, containing a malicious library responsible for enrolling devices as proxy nodes and linked to Asocks, a residential proxy seller. The malicious functionality could be added to any APK through the LumiApps SDK. … Read more
March 15, 2024 at 01:18PM PornHub has added Texas to its blocklist in protest of age verification laws, preventing access to its site. The state’s age verification bill requires adult sites to confirm visitors’re 18 and display a health notice. The company calls for device-based age verification through operating systems, expressing concerns about privacy and … Read more
March 8, 2024 at 03:45AM Cisco has addressed a high-severity security flaw in its Secure Client software, known as CVE-2024-20337, which could be exploited for a VPN session with a targeted user. A successful exploit could permit an attacker to execute arbitrary script code in the browser. Another high-severity flaw in Secure Client for Linux, … Read more
March 1, 2024 at 08:57AM Five Eyes agencies warn of ongoing exploitation of Ivanti VPN flaws and encourage organizations to assume credentials have been compromised, hunt for malicious activity, use Ivanti’s Integrity Checker Tool, and apply patches. Ivanti releases enhanced ICT to detect new/changed files on affected appliances. Agencies offer IoCs, Yara rules, and incident … Read more
February 16, 2024 at 03:03AM The US CISA reported a state government network compromise due to a former employee’s admin account. The threat actor gained access via a virtual private network and obtained credentials from a separate breach. The incident highlighted the lack of multi-factor authentication and the need to secure privileged accounts. The attackers … Read more
February 9, 2024 at 04:09PM Ivanti announced patches for a high-severity vulnerability, CVE-2024-22024, affecting enterprise VPN and network access products. The XML external entity (XXE) issue in SAML component of Connect Secure, Policy Secure, and ZTA appliances could allow unauthorized access to restricted resources. Patches addressing the flaw were included in various versions. No evidence … Read more
February 5, 2024 at 04:52PM AnyDesk announced its production systems have been compromised, leading to plans for certificate revocation and password resets. The company assured that end user devices were unaffected and that it is collaborating with law enforcement agencies. AnyDesk advised customers to update passwords and confirmed that it is safe to use its … Read more
January 19, 2024 at 07:49PM The Ivanti Zero-Day vulnerability poses significant real-world impacts, with the need for immediate action to mitigate its effects. The broader concern lies in the pervasive vulnerability of VPNs. An alternative approach, such as Trend Micro™ Zero Trust Secure Access, offers a promising solution to prevent vulnerabilities from escalating into major … Read more
January 16, 2024 at 10:04AM Ivanti Connect Secure (ICS) VPN users are at risk if they have not applied recent vulnerability mitigation. Over 1,700 devices have been compromised due to successful exploits. The attacks have targeted a wide range of organizations globally. Users are advised to run Ivanti’s Integrity Checker Tool to detect compromises and … Read more