Security News > 2024 > November > VPN vulnerabilities, weak credentials fuel ransomware attacks
2024-11-28 05:00
Attackers leveraging virtual private network (VPN) vulnerabilities and weak passwords for initial access contributed to nearly 30% of ransomware attacks, according to Corvus Insurance. According to the Q3 report, many of these incidents were traced to outdated software or VPN accounts with inadequate protection. For example, common usernames such as “admin” or “user” and a lack of multi-factor authentication (MFA) made accounts vulnerable to automated brute-force attacks, where attackers exploit publicly accessible systems by testing … More → The post VPN vulnerabilities, weak credentials fuel ransomware attacks appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/11/28/vpn-weak-credentials-ransomware-attacks/
Related news
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution (source)
- Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)
- Helldown ransomware exploits Zyxel VPN flaw to breach networks (source)
- China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer (source)