Network Security

NEWS 
  • How to Identify and Control DoH On Your Network

    February 25, 2020

    Along with bandwidth, privacy and security are the major concerns shared by everybody and everything on the Internet. Engaging in man-in-the-middle style attacks, today hackers from cyber criminal organizations, state sponsored or masse surveillance interception, can intercept clear-text DNS lookups, track and monitor users’ activities or interfere with commerce and undermine confidence in the platform. ...

  • Emotet Now Spreads via Wi-Fi

    February 13, 2020

    A new strain of Emotet was found spreading through wireless internet connections, deviating from the email spam campaigns that the malware commonly utilizes as a means of propagation. According to researchers from Binary Defense, this new loader type takes advantage of the wlanAPI interface to spread from an infected device to an unsecure Wi-Fi network. Emotet was discovered by Trend ...

  • FBI Says State Actors Hacked US Govt Network With Pulse VPN Flaw

    January 17, 2020

    FBI said in a flash security alert that nation-state actors have breached the networks of a US municipal government and a US financial entity by exploiting a critical vulnerability affecting Pulse Secure VPN servers. The US Cybersecurity and Infrastructure Security Agency (CISA) previously alerted organizations on January 10 to patch their Pulse Secure VPN servers against ongoing attacks trying to exploit the ...

  • ‘Ultimate’ MiTM Attack Steals $1M from Israeli Startup

    December 5, 2019

    Hackers pulled off an elaborate man-in-the-middle campaign to rip off an Israeli startup by intercepting a wire transfer from a Chinese venture-capital firm intended for the new business. New research by Check Point Software details how the security vendor uncovered the wire-transfer heist, in which an attacker used unique tactics—including communicating through email and even canceling a critical ...

  • New vulnerability lets attackers sniff or hijack VPN connections

    December 5, 2019

    Academics have disclosed this week a security flaw impacting Linux, Android, macOS, and other Unix-based operating systems that allows an attacker to sniff, hijack, and tamper with VPN-tunneled connections. The vulnerability — tracked as CVE-2019-14899 — resides in the networking stacks of multiple Unix-based operating systems, and more specifically, in how the operating systems reply to ...

  • Hotel front desks are now a hotbed for hackers

    November 28, 2019

    It seems that any possible way cybercriminals can exploit the hospitality industry, they will. Hotels, restaurant chains, and related tourism services have been subject to a range of techniques when it comes to cybercrime; the compromise of Point-of-Sale (PoS) terminals to harvest guest data, phishing emails sent to staff which are designed to give attackers access ...

  • Wizard Spider Upgrades Ryuk Ransomware to Reach Deep into LANs

    November 4, 2019

    The Ryuk ransomware has added two features to enhance its effectiveness: The ability to target systems that are in “standby” or sleep mode; and the use of Address Resolution Protocol (ARP) pinging to find drives on a company’s LAN. Both are employed after the initial network compromise of a victim organization. Ryuk, which is distributed by ...

  • Avast says hackers breached internal network through compromised VPN profile

    October 21, 2019

    Czech cyber-security software maker Avast disclosed today a security breach that impacted its internal network. In a statement published today, the company said it believed the attack’s purpose was to insert malware into the CCleaner software, similar to the infamous CCleaner 2017 incident. Avast said the breach occurred because the attacker compromised an employee’s VPN credentials, gaining access ...

  • Intelligence Agencies Warn Of Flaw With VPN Products

    October 9, 2019

    Both the US NSA and UK NCSC warn hackers are actively exploiting vulnerabilities in VPN products Both the US National Security Agency (NSA) and a GQHC agency in the United Kingdom have issued warnings about “multiple vulnerabilities in Virtual Private Network (VPN) applications.” Both the NSA and the UK’s National Cyber Security Centre (NCSC) warned that advanced persistent threat (APT) ...

  • D-Link Home Routers Open to Remote Takeover Will Remain Unpatched

    October 8, 2019

    D-Link won’t patch a critical unauthenticated command-injection vulnerability in its routers that could allow an attacker to remotely take over the devices and execute code. The vulnerability (CVE-2019-16920) exists in the latest firmware for the DIR-655, DIR-866L, DIR-652 and DHP-1565 products, which are Wi-Fi routers for the home market. D-Link last week told Fortinet’s FortiGuard Labs, ...