Kevin Beaumont on Nostr: Ransomware initially entry: brute forcing VPNs with no MFA, infostealer stole creds, ...
Ransomware initially entry: brute forcing VPNs with no MFA, infostealer stole creds, exploits.
Fixes: deploy MFA 100% of time, apply patches in a timely manner to network border appliances, swap VPN vendors to one which doesn’t suck.
Published at
2025-04-24 06:29:55Event JSON
{
"id": "f96a2e5ce9e489ec5a410d6479c3642e0ce1f93d63c6481e38f5744b135af349",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1745476195,
"kind": 1,
"tags": [
[
"e",
"c8141e7b346755a9a6028efc6e8a7f82e381e2cee5f3c4ae9bd5871c4706f1df",
"wss://relay.mostr.pub",
"reply"
],
[
"imeta",
"url https://cyberplace.social/system/media_attachments/files/114/391/527/669/071/905/original/c3b022b96a791cb9.jpeg",
"m image/jpeg",
"dim 1290x827",
"blurhash UvLq|+RN?ER:e-WBWFof~TkDNHoekDWCoHfk"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/114391527947117915",
"activitypub"
],
[
"client",
"Mostr",
"31990:6be38f8c63df7dbf84db7ec4a6e6fbbd8d19dca3b980efad18585c46f04b26f9:mostr",
"wss://relay.mostr.pub"
]
],
"content": "Ransomware initially entry: brute forcing VPNs with no MFA, infostealer stole creds, exploits. \n\nFixes: deploy MFA 100% of time, apply patches in a timely manner to network border appliances, swap VPN vendors to one which doesn’t suck.\n\nhttps://cyberplace.social/system/media_attachments/files/114/391/527/669/071/905/original/c3b022b96a791cb9.jpeg",
"sig": "9014ad3470816b6038c2caa6a9b84a9984785e18590456779dec502ad98c3d61f5dc1102806d1f9b5cf7328bee698d863387e23010cfaf0792ce8ffe601c3b14"
}
