rogue
-
Blog
New NachoVPN attack uses rogue VPN servers to install malicious updates
A set of vulnerabilities dubbed “NachoVPN” allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. AmberWolf security researchers found that threat actors can trick potential targets into connecting their SonicWall NetExtender and Palo Alto Networks GlobalProtect VPN clients to attacker-controlled VPN servers using malicious websites or documents in social engineering…
Read More » -
Blog
Amazon seizes domains used in rogue Remote Desktop campaign to steal data
Amazon has seized domains used by the Russian APT29 hacking group in targeted attacks against government and military organizations to steal Windows credentials and data using malicious Remote Desktop Protocol connection files. APT29, also known as “Cozy Bear” and “Midnight Blizzard,” is a Russian state-sponsored cyber-espionage group linked to Russia’s Foreign Intelligence Service (SVR). Amazon clarifies that although the phishing pages APT29…
Read More » -
Blog
Ukraine arrests rogue VPN operator providing access to Runet
Ukraine’s cyber police have arrested a 28-year-old man who operated a massive virtual private network (VPN) service, allowing people from within the country to access the Russian internet (Runet). Runet is the portion of the internet that includes Russian sites on the “.ru” and “.su” top-level domains, including government sites, social media platforms, search engines, and various news platforms from the…
Read More »