Search results for VPN cyber attack | Breaking Cybersecurity News | The Hacker News

A virtual private network (VPN) is the perfect solution for a lot of issues you might experience online- accessing blocked sites, hiding your browsing activity, getting rid of internet throttling, finding better deals, and much more.  But does a VPN protect you from hackers? Is your private information and files safer on the internet with a VPN? How much of a difference does it make in terms of data protection?  The answer to these questions isn't as simple as Yes or No. So, keep reading to find out. Does a VPN Prevent Hacking?  You should definitely use a VPN on a public network or your home wi-fi because it significantly protects your privacy. But a VPN can't simply protect you from every single type of cyber attack. Some attacks are very sophisticated and complex, which even a VPN can't prevent.  But let's look at some of the cyber attacks that a VPN can stop. 1  —  MITM (Man-in-the-Middle) Attack  A MITM attack is when a hacker comes in bet...

Cyber criminals have explored one more way to exploit Heartbleed OpenSSL bug against organisations to hijack multiple active web sessions conducted over a virtual private network connection. The consulting and incident response Mandiant investigated targeted attack against an unnamed organization and said the hackers have exploited the “ Heartbleed ” security vulnerability in OpenSSL running in the client’s SSL VPN concentrator to remotely access active sessions of an organization's internal network. The incident is the result of attacks leveraging the OpenSSL Heartbleed vulnerabilities, which resides in the OpenSSL’s heartbeat functionality, if enabled would return 64KB of random memory in plaintext to any client or server requesting for a connection. The vulnerability infected almost two-third of internet web servers, including the popular websites. Recently, there has been an arrest of a Canadian teen of stealing usernames, credentials, session IDs and other da...

When the headlines focus on breaches of large enterprises like the Optus breach, it’s easy for smaller businesses to think they’re not a target for hackers. Surely, they’re not worth the time or effort?  Unfortunately, when it comes to cyber security, size doesn’t matter.  Assuming you’re not a target leads to lax security practices in many SMBs who lack the knowledge or expertise to put simple security steps in place. Few small businesses prioritise cybersecurity, and hackers know it. According to Verizon, the number of smaller businesses being hit has climbed steadily in the last few years – 46% of cyber breaches in 2021 impacted businesses with fewer than 1,000 employees.  Cyber security doesn't need to be difficult Securing any business doesn’t need to be complex or come with a hefty price tag. Here are seven simple tips to help the smaller business secure their systems, people and data. 1 — Install anti-virus software everywhere Every organisation has anti-vi...

From past few days, Internet Users in China are dealing with a weird redirection of traffic nationwide while accessing any website that makes use of connect.facebook.net resource. Great Firewall of China , which is infamous for the Internet censorship by Chinese government, believes to be intercepting the JavaScript module used by Facebook Connect Login, which is meant to allow third-party websites to authorize users through Facebook infrastructure. Chinese Internet users are complaining that when they visit any website that contain " Login with Facebook " or " Connect with Facebook " buttons (which is being used by a vast number of sites), they automatically redirect to unrelated websites. The two websites to which the traffic is being redirected: wpkg.org — A website for open source automated software deployment, upgrade, and removal program for Windows. ptraveler.com — A personal travel blog authored by a young couple of Poland. "Th...

It seems as though not a day goes by without a new story breaking about a high-level cyber attack on a major corporation or national government. Hackers are becoming increasingly adept at breaking through a variety of super-secure firewalls, and they're not just after the riches of Fortune 500 companies. Hackers are equally (if not more) interested in hacking into your personal computer and stealing everything from your browsing history to your banking information, and they can do so without your knowledge—even if you're browsing in the comfort of your own home. A VPN ( Virtual Private Network ) is your first and most important line of defense against everything from individual hackers to large-scale malware attacks, and if you're still surfing the Web without one, you may as well be leaving your laptop open and unattended in a crowded coffee shop. So What Exactly Does a VPN Do? VPNs are specialized apps that can be installed on virtually any device that has a...

IT professionals have developed a sophisticated understanding of the enterprise attack surface – what it is, how to quantify it and how to manage it.  The process is simple: begin by thoroughly assessing the attack surface, encompassing the entire IT environment. Identify all potential entry and exit points where unauthorized access could occur. Strengthen these vulnerable points using available market tools and expertise to achieve the desired cybersecurity posture.  While conceptually straightforward, this is an incredibly tedious task that consumes the working hours of CISOs and their organizations. Both the enumeration and the fortification pose challenges: large organizations use a vast array of technologies, such as server and endpoint platforms, network devices, and business apps. Reinforcing each of these components becomes a frustrating exercise in integration with access control, logging, patching, monitoring, and more, creating a seemingly endless list of tasks....

Cybercriminals are busy innovators, adapting their weapons and attack strategies, and ruthlessly roaming the web in search of their next big score. Every manner of sensitive information, such as confidential employee records, customers' financial data, protected medical documents, and government files, are all subject to their relentless threats to cybersecurity . Solutions span a broad spectrum, from training email users to ensuring a VPN kill switch is in place, to adding extensive advanced layers of network protection. To successfully guard against severe threats from hackers, worm viruses to malware, such as botnet attacks, network managers need to use all tools and methods that fit well into a comprehensive cyber defense strategy. Of all the menaces mentioned above to a website owner's peace of mind, botnets arguably present the most unsettling form of security risk. They're not the mere achievements of malicious amateur cybercriminals. They're state...

A Belarusian threat actor known as Ghostwriter (aka UNC1151) has been spotted leveraging the recently disclosed browser-in-the-browser (BitB) technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict. The method, which  masquerades  as a legitimate domain by simulating a browser window within the browser, makes it possible to mount convincing social engineering campaigns. "Ghostwriter actors have quickly adopted this new technique, combining it with a previously observed technique, hosting credential phishing landing pages on compromised sites," Google's Threat Analysis Group (TAG)  said  in a new report, using it to siphon credentials entered by unsuspected victims to a remote server. Among other groups  using the war as a lure  in phishing and malware campaigns to deceive targets into opening fraudulent emails or links include  Mustang Panda  and  Scarab  as well as nation-state actors...

Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections under certain circumstances. This leakage of data exchanged between humans and streaming-mode language models could pose serious risks to the privacy of user and enterprise communications, the company noted. The attack has been codenamed Whisper Leak . "Cyber attackers in a position to observe the encrypted traffic (for example, a nation-state actor at the internet service provider layer, someone on the local network, or someone connected to the same Wi-Fi router) could use this cyber attack to infer if the user's prompt is on a specific topic," security researchers Jonathan Bar Or and Geoff McDonald, along with the Microsoft Defender Security Research Team, said . Put differently, the attack allows an attacker t...

A scientist working at the Atomic Energy Organisation of Iran said computer systems have been hit by a cyber-attack which forced them to play AC/DC’s Thunderstruck at full volume in the middle of the night. The attack came to light after a researcher at security firm F-Secure received a string of emails from a Iran's atomic energy organisation." I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom. " " It does sound really weird ," he said. "If there was an attack, why would the attacker announce themselves by playing ' Thunderstruck? " If true, this attack is the third hacking attempt aimed at Tehran’s controversial nuclear program. It sounds like the AEOI may have been hit with an infrastructure-targeting malware attack, similar to those that have plagued the Middle East since 201...

SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems. The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access ( SMA ) that are used to provide users with remote access to internal resources. "Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products," the company exclusively told The Hacker News. The development comes after The Hacker News received reports that SonicWall's internal systems went down earlier this week on Tuesday and that the source code hosted on the company's GitLab repository was accessed by the attackers. SonicWall wouldn't confirm the re...

North Korean nation-state actors affiliated with the Reconnaissance General Bureau (RGB) have been attributed to the  JumpCloud hack  following an operational security (OPSEC) blunder that exposed their actual IP address. Google-owned threat intelligence firm Mandiant attributed the activity to a threat actor it tracks under the name UNC4899, which likely shares overlaps with clusters already being monitored as Jade Sleet and TraderTraitor, a group with a history of striking blockchain and cryptocurrency sectors. UNC4899 also overlaps with  APT43 , another hacking crew associated with the Democratic People's Republic of Korea (DPRK) that was unmasked earlier this March as conducting a series of campaigns to gather intelligence and siphon cryptocurrency from targeted companies. The adversarial collective's modus operandi is characterized by the use of Operational Relay Boxes ( ORBs ) using L2TP IPsec tunnels along with commercial VPN providers to disguise the attacker'...

A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That's according to new findings from Amazon Threat Intelligence, which said it observed the activity between January 11 and February 18, 2026. "No exploitation of FortiGate vulnerabilities was observed—instead, this campaign succeeded by exploiting exposed management ports and weak credentials with single-factor authentication, fundamental security gaps that AI helped an unsophisticated actor exploit at scale," CJ Moses, Chief Information Security Officer (CISO) of Amazon Integrated Security, said in a report. The tech giant described the threat actor as having limited technical capabilities, a constraint they overcame by relying on multiple commercial generative AI tools to implement various phases of the attack cycle, such as tool development, attac...

The ransomware cartel that masterminded the  Colonial Pipeline attack  early last month crippled the pipeline operator's network using a compromised virtual private network (VPN) account password, the latest investigation into the incident has revealed. The development, which was  reported  by Bloomberg on Friday, involved gaining an initial foothold into the networks as early as April 29 through the VPN account, which allowed employees to access the company's networks remotely. The VPN login — which didn't have multi-factor protections on — was unused but active at the time of the attack, the report said, adding the password has since been discovered inside a batch of leaked passwords on the dark web, suggesting that an employee of the company may have reused the same password on another account that was previously breached. It's, however, unclear how the password was obtained, Charles Carmakal, senior vice president at the cybersecurity firm Mandiant, was quote...