TechNadu4d ago

Fog ransomware continues the trend of credential-driven ransomware attacks, targeting U.S. organizations via compromised VPN access.

Observed tactics include:
- VPN credential abuse
- Lateral movement via RDP, SMB, PsExec
- Backup deletion (Veeam)
- VM encryption
- No leak site observed, but operational impact remains severe.

Source: https://gbhackers.com/fog-ransomware/

#FogRansomware #Ransomware #VPNSecurity #ThreatIntel

TechNaduDec 15

Cure53 audit confirms NordVPN’s security posture is continuously tested.
https://www.technadu.com/nordvpn-security-audit-shows-ongoing-independent-review/615642/

• No critical vulns across apps or infrastructure
• High-severity findings fixed and re-verified
• Annual independent audits since 2018

#VPNsecurity #Infosec #SecurityAudit #PrivacyEngineering

TechNaduDec 8

GreyNoise reports a coordinated wave of login attempts against Palo Alto GlobalProtect portals, later expanding into scans of SonicWall SonicOS API endpoints. More than 7,000 IPs tied to 3xK GmbH infrastructure were involved.

Palo Alto Networks confirmed the activity represents credential-based probing, not a vulnerability exploit.
Defenders are encouraged to enforce MFA, track recurring client fingerprints, and apply dynamic blocking.

Source: https://www.bleepingcomputer.com/news/security/new-wave-of-vpn-login-attempts-targets-palo-alto-globalprotect-portals/

How are you monitoring for reconnaissance patterns across VPN and firewall surfaces today?
Share your approach and follow us for more operational threat updates.

#infosec #PaloAltoNetworks #SonicWall #GlobalProtect #ThreatHunting #ThreatIntel #NetworkSecurity #VPNsecurity

The DefendOps DiariesOct 13

SonicWall’s VPN breach shows how stolen credentials can blow open account security in just days. Is your organization ready to fend off smarter, faster cyberattacks?

https://thedefendopsdiaries.com/sonicwall-vpn-breach-highlights-growing-threat-of-credential-based-attacks/

#sonicwall
#vpnsecurity
#credentialtheft
#cyberattack
#multifactorauthentication

The DefendOps DiariesSep 28

Even top-tier MFA can't stop Akira ransomware—attackers exploited SonicWall flaws to disable defenses and launch double extortion strikes. Is your network really secure?

https://thedefendopsdiaries.com/akira-ransomware-bypassing-mfa-and-exploiting-sonicwall-vpn-vulnerabilities/

#akiraransomware
#sonicwall
#mfa
#vpnsecurity
#doubleextortion

Akira Ransomware: Bypassing MFA and Exploiting SonicWall VPN Vulnerabilities

Explore how Akira ransomware bypasses MFA and exploits SonicWall VPN flaws, with insights on double extortion tactics and defense strategies.

The DefendOps Diaries
The DefendOps DiariesAug 13

Fortinet’s digital defenses are facing a relentless assault. A surge in brute-force attacks might be exposing hidden zero-day flaws—and it could mean big trouble for critical systems. What’s really at stake?

https://thedefendopsdiaries.com/fortinet-ssl-vpns-under-siege-uncovering-the-threat-of-zero-day-vulnerabilities/

#fortinet
#zeroday
#cybersecurity
#vpnsecurity
#infosec

Fortinet SSL VPNs Under Siege: Uncovering the Threat of Zero-Day Vulnerabilities

Explore the surge in Fortinet SSL VPN attacks, uncovering zero-day vulnerabilities threatening critical infrastructure.

The DefendOps Diaries
The DefendOps DiariesAug 13

Fortinet’s digital defenses are cracking under a surge of attacks—hints of unknown zero-day flaws could leave critical systems completely exposed. What if your digital fortress isn’t as secure as you think?

https://thedefendopsdiaries.com/fortinet-ssl-vpns-under-siege-uncovering-the-threat-of-zero-day-vulnerabilities/

#fortinet
#zeroday
#cybersecurity
#vpnsecurity
#infosec

Fortinet SSL VPNs Under Siege: Uncovering the Threat of Zero-Day Vulnerabilities

Explore the surge in Fortinet SSL VPN attacks, uncovering zero-day vulnerabilities threatening critical infrastructure.

The DefendOps Diaries
The DefendOps DiariesJun 24, 2025

SonicWall’s trusted VPN? Not so fast. Cyber crooks are now using a fake NetExtender with a forged digital signature to swipe VPN logins. Could your remote access be at risk? Dive in to find out how to stay secure.

https://thedefendopsdiaries.com/understanding-the-threat-of-trojanized-vpn-clients-a-case-study-on-sonicwalls-netextender/

#vpnsecurity
#trojanizedsoftware
#sonicwall
#cyberthreats
#digitaltrust

Understanding the Threat of Trojanized VPN Clients: A Case Study on SonicWall's NetExtender

Explore the risks of trojanized VPN clients with a focus on SonicWall's NetExtender and learn how to protect against such threats.

The DefendOps Diaries
The DefendOps DiariesApr 30, 2025

SonicWall’s SMA100 devices are in the spotlight after some dangerous vulnerabilities were discovered—think of it like leaving your front door wide open. Are your defenses up to speed to block these potential intruders?

https://thedefendopsdiaries.com/understanding-sonicwall-sma100-vulnerabilities-risks-and-mitigation/

#sonicwall
#cybersecurity
#vpnsecurity
#vulnerabilitymanagement
#infosec

InfosecK2KApr 21, 2025

Iranian state-backed hackers are teaming up with ransomware gangs to exploit VPN and firewall tools from Citrix, Check Point & Palo Alto Networks. Is your patching up to date?

https://www.techradar.com/pro/iranian-hackers-work-with-ransomware-gangs-to-break-into-companies-via-vpn-and-firewall-tools

#CyberSecurity #ThreatIntel #VPNSecurity

Iranian hackers work with ransomware gangs to break into companies via VPN and firewall tools

Firewalls and VPNs being used to crack into networks

TechRadar pro