Virtual Private Networks

CISA Alerts to New Ransomware, Trojan Using Public Pen Testing Tools

May 6, 2021 - The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released an alert for a newer ransomware variant and remote access trojan (RAT) spotted in the wild using publicly available pen testing and exploitation tools to steal and obfuscate data. FiveHands is a novel ransomware that relies on a public key encryption...

Read More


More Articles

CISA Ties SUPERNOVA Malware to Pulse Secure, SolarWinds Exploits

by Jessica Davis

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released a report on the relatively new malware variant known as SUPERNOVA, which ties the threat to both...

DHS CISA: Critical Pulse Secure VPN Vulnerabilities Under Active Attack

by Jessica Davis

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency issued an alert that warned critical, zero-day vulnerabilities in certain Ivanti Pulse Connect Secure SSL VPNs are...

Fed Joint Advisory: Patch These 5 Vulnerabilities Under Active Attack

by Jessica Davis

The National Security Agency, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency, and the FBI released a joint alert, warning that nation-state threat actors from...

Threat Actors Can Leverage RDP Servers to Amplify DDoS Attacks

by Jessica Davis

A recent report from Netscout revealed that threat actors can abuse the Microsoft remote desktop protocol (RDP) to amplify denial-of-service (DDoS) attacks. Researchers identified over 14,000 servers...

FBI Warns Egregor Ransomware Actors Actively Extorting Entities

by Jessica Davis

All private sector organizations are being urged to be on the alert for potential malicious activities from the threat actors behind Egregor ransomware. The FBI alert warns the hacking group is...

DHS CISA: Fortinet VPN Vulnerability Poses Password Exposure Risk

by Jessica Davis

The Department of Homeland Security Cybersecurity and Infrastructure Agency recently released an alert, warning all private sector organizations of a vulnerability found in certain Fortinet devices...

3 Key Entry Points for Leading Ransomware Hacking Groups

by Jessica Davis

The number of successful ransomware attacks declined amid the COVID-19 pandemic, but security leaders warned hacking groups have not ceased the barrage of attacks on...

Iranian Hackers Targeting, Exploiting VPN Flaws of US Healthcare, IT Orgs

by Jessica Davis

Hackers with ties to Iran are exploiting flaws found in commonly used Virtual Private Networks (VPNs) across a range of federal agencies and businesses, including those in the healthcare...

FBI, CISA Alert of Surge in Vishing Cyberattacks on Remote Workers

by Jessica Davis

Hackers are targeting employees working remotely amid the COVID-19 pandemic with a voice phishing, or “vishing,” campaign to obtain enterprise login credentials for mining...

Hacker Leaks 900 Enterprise VPN Server Passwords on Dark Web

by Jessica Davis

The usernames and passwords, as well as IP addresses, from more than 900 Pulse Secure Virtual Private Network enterprise servers were posted in plain text on the dark web by a Russian-speaking...

Russian Hackers Target COVID-19 Vaccine Developers with Cyberattacks

by Jessica Davis

Russian hackers are targeting the healthcare, pharmaceutical, and academic research sectors, as well as other vaccine developers with cyberattacks, in an effort designed to steal information...

NSA Shares Guide to Securing IPSec VPNs, Telework, Remote Sites

by Jessica Davis

The National Security Agency (NSA) released guidance designed to help organizations better secure Ip Security (IpSec) Virtual Private Networks (VPNs), given the rapid adoption of telework and...

DHS Alerts to Ransomware Campaign Targeting Remote Access Systems

by Jessica Davis

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency issued an alert, urging enterprise organizations to review recent insights from the New Zealand Computer Emergency...

DHS CISA, FBI Reveal The Top Exploited Vulnerabilities Since 2016

by Jessica Davis

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency, the FBI, and the US government recently unveiled the 10 most exploited vulnerabilities from 2016 and 2019, as well...

Ransomware Causes 15 Days of EHR Downtime, as Payments Avg $111K

by Jessica Davis

The average ransomware demand paid by organizations jumped 33 percent to nearly $112,000 between the last quarter of 2019 and the first quarter of 2020, according to Coveware’s Q1 ransomware...

COVID-19 Remote Work Causes Spike in Brute-Force RDP Cyberattacks

by Jessica Davis

The number of brute-force attacks on remote desktop protocol (RDP) servers has drastically increased amid the COVID-19 pandemic, as a record number of employees are now working from home, according to...

Microsoft: COVID-19 Fueling Human-Operated Ransomware Deployments

by Jessica Davis

In the last two weeks, ransomware hacking groups have deployed the decrypting payload, after several months of gathering access to and maintaining persistence on victim networks, according to the...

DHS Warns Hackers Compromising Patched VPNs with Stolen Credentials

by Jessica Davis

Hackers are leveraging stolen credentials to gain access to internal networks through Pulse Secure Virtual Private Networks, even if the victim organization patched a well-known vulnerability,...

AMA, AHA Share COVID-19 Telework Guidance for Hospitals, Providers

by Jessica Davis

The American Medical Association and the American Hospital Association developed guidance for hospitals and providers on best practice cybersecurity for the remote work environment, in response to the...

Recent Articles