Security News > 2024 > November > VPN vulnerabilities, weak credentials fuel ransomware attacks
2024-11-28 05:00
Attackers leveraging virtual private network (VPN) vulnerabilities and weak passwords for initial access contributed to nearly 30% of ransomware attacks, according to Corvus Insurance. According to the Q3 report, many of these incidents were traced to outdated software or VPN accounts with inadequate protection. For example, common usernames such as “admin” or “user” and a lack of multi-factor authentication (MFA) made accounts vulnerable to automated brute-force attacks, where attackers exploit publicly accessible systems by testing … More → The post VPN vulnerabilities, weak credentials fuel ransomware attacks appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/11/28/vpn-weak-credentials-ransomware-attacks/
Related news
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Australian pension funds hit by wave of credential stuffing attacks (source)
- Sensata Technologies hit by ransomware attack impacting operations (source)
- Ransomware attack cost IKEA operator in Eastern Europe $23 million (source)
- Kidney dialysis firm DaVita hit by weekend ransomware attack (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- Ahold Delhaize confirms data theft after INC ransomware claims attack (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- SonicWall SMA VPN devices targeted in attacks since January (source)
- Interlock ransomware gang pushes fake IT tools in ClickFix attacks (source)