Chinese Hackers Have Stepped Up Attacks on Taiwanese Organizations, Cybersecurity Firm Says

June 24, 2024 at 03:18PM A Chinese state-sponsored hacking group known as RedJuliett has intensified attacks on Taiwanese organizations, particularly in government, education, technology, and diplomacy sectors. They exploited a vulnerability in SoftEther VPN software to access servers. The group’s activities align with Chinese state-sponsored hacking patterns. Recorded Future expects continued targeting of Taiwanese agencies, … Read more

Check Point VPN Targeted for Initial Access in Enterprise Attacks

May 28, 2024 at 05:33AM Check Point advises customers to review VPN configurations to prevent abuse by threat actors, citing attempts to gain access through old VPN local accounts with password-only authentication. The company recommends using additional authentication measures, deploying products on security gateways, and disabling unnecessary local accounts. It also provides a script and … Read more

Watch out for rogue DHCP servers decloaking your VPN connections

May 7, 2024 at 05:59PM A vulnerability dubbed TunnelVision allows attackers to reroute VPN traffic via DHCP, potentially exposing encrypted data to snooping. VPN and OS types don’t matter, except for Android, which is safe. The researchers suggest using network namespaces and firewall-level mitigations but recognize these may not fully resolve the issue. VPN users … Read more

Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks

April 17, 2024 at 10:01AM Cisco‚Äôs Talos unit warns of mass brute-force attacks targeting VPN services, web application authentication interfaces, and SSH services. The attacks, originating from Tor exit nodes, use generic and valid usernames, affecting various services. Cisco observed a significant increase in these attacks and has added the associated IP addresses to its … Read more

SolarWinds: SEC ‘lacks the competence’ to regulate cybersecurity

November 9, 2023 at 12:12PM SolarWinds has strongly defended itself against the Securities and Exchange Commission’s (SEC) lawsuit over the 2020 SUNBURST cyberattack. The company called the SEC’s claims “fundamentally flawed” and stated that it had appropriate cybersecurity controls in place before the attack. SolarWinds accused the SEC of overreaching and lacking the authority to … Read more