Enterprise cybersecurity tools, such as routers, firewalls, and VPNs, exist to protect corporate networks from intruders and malicious hackers, something that is particularly important in today’s age of widespread remote and hybrid working.

But while pitched as tools that help organizations stay safe from outside threats, many of these products have time and again been found to contain software bugs that allow malicious hackers to compromise the very networks these products were designed to protect.

These bugs have been blamed for an explosion in mass-hack campaigns in recent years, whereby malicious hackers abuse these often easy-to-exploit security flaws to break into the networks of thousands of organizations and steal sensitive company data.

We’ve put together a brief history of mass hacks, and will update this article when more inevitably come to light.

January 2023: Fortra file-transfer tool hacks hit 130 organizations

One of the first mass hacks of this decade saw a notorious ransomware crew exploit a vulnerability in Fortra’s GoAnywhere managed file transfer software, a product used by companies to share large files and sensitive datasets over the internet. The prolific Clop ransomware gang exploited the bug to compromise more than 130 organizations and steal the personal data of millions of individuals. The vulnerability was exploited as a zero-day, which means Fortra had no time to fix it before it came under attack. Clop later published data stolen from victim organizations who did not pay the hackers a ransom. Hitachi Energy, security giant Rubrik, and Florida-based health tech organization NationBenefits (which saw the data of more than three million members stolen in the attack) reported intrusions resulting from the buggy software.

May 2023: MOVEit flaws allowed theft of 60 million people’s data

The mass hack of MOVEit remains one of the largest mass breaches of all time, with hackers abusing a flaw in another widely used file transfer software, developed by Progress Software, to steal data from several thousand organizations. The attacks were again claimed by the Clop ransomware group, which exploited the MOVEit vulnerability to steal data on more than 60 million individuals, according to cybersecurity company Emsisoft. U.S. government services contracting giant Maximus was the largest victim of the MOVEit breaches after confirming that hackers accessed the protected health information of as many as 11 million individuals.

October 2023: Cisco zero-day exposed thousands of routers to takeovers

The mass hacks continued into the second half of 2023, with hackers exploiting an unpatched zero-day vulnerability in Cisco’s networking software throughout October to compromise tens of thousands of devices that rely on the software, such as enterprise switches, wireless controllers, access points, and industrial routers. The bug granted attackers “full control of the compromised device.” While Cisco didn’t confirm how many customers had been affected by the flaw, Censys, a search engine for internet-connected devices and assets, says it had found almost 42,000 compromised devices exposed to the internet.

November 2023: Ransomware gang exploits Citrix bug

Citrix NetScaler, which large enterprises and governments use for app delivery and VPN connectivity, became the latest mass-hack target just one month later in November 2023. The bug, known as “CitrixBleed,” allowed the Russia-linked ransomware gang LockBit to extract sensitive information from affected NetScaler systems at big-name firms. Aerospace giant Boeing, law firm Allen & Overy, and the Industrial and Commercial Bank of China were claimed as victims.

January 2024: China hackers exploited Ivanti VPN bugs to breach companies

Ivanti became a name synonymous with mass hacks after Chinese state-backed hackers began mass-exploiting two critical zero-day vulnerabilities in Ivanti’s corporate Connect Secure VPN appliance. While Ivanti said at the time that only a limited number of customers had been affected, cybersecurity company Volexity found that more than 1,700 Ivanti appliances worldwide were exploited, affecting organizations in the aerospace, banking, defense, and telecoms industries. U.S. government agencies with affected Ivanti systems in operation were ordered to immediately take the systems out of service. Exploitation of these vulnerabilities has since been linked to the China-backed espionage group known as Salt Typhoon, which more recently was found to have hacked into the networks of at least nine U.S. telecommunications companies.

February 2024: ConnectWise customers hacked thanks to bugs in remote access tool

In February 2024, hackers took aim at two “easy-to-exploit” vulnerabilities in ConnectWise ScreenConnect, a popular remote access tool that allows IT and support technicians to remotely provide technical assistance directly on customer systems. Cybersecurity giant Mandiant said at the time its researchers had observed “identified mass exploitation” of the two flaws, which were being abused by various threat actors to deploy password stealers, backdoors, and in some cases, ransomware.

Hackers hit Ivanti customers (again) with fresh bugs

Ivanti made headlines again, also in February 2024, when attackers exploited another vulnerability in its widely used enterprise VPN appliance to hack its customers. The Shadowserver Foundation, a nonprofit organization that scans and monitors the internet for exploitation, told TechCrunch at the time it had observed more than 630 unique IP addresses attempting to exploit the server-side flaw, which allows attackers to gain access to devices and systems ostensibly protected by the vulnerable Ivanti appliances.

November 2024: Palo Alto firewall bugs put thousands of firms at risk

Later in 2024, hackers compromised potentially thousands of organizations by exploiting two zero-day vulnerabilities in software made by cybersecurity giant Palo Alto Networks and used by customers around the world. The vulnerabilities in PAN-OS, the operating system that runs on all of Palo Alto’s next-generation firewalls, allowed attackers to compromise and exfiltrate sensitive data from corporate networks. According to researchers at security firm watchTowr Labs, who reverse-engineered Palo Alto’s patches, the flaws resulted from basic mistakes in the development process.

December 2024: Clop compromises Cleo customers

In December 2024, the Clop ransomware gang targeted yet another popular file transfer technology to launch a fresh wave of mass hacks. This time, the gang exploited flaws in tools made by Cleo Software, an Illinois-based maker of enterprise software, to target dozens of the company’s customers. By early January 2025, Clop listed almost 60 Cleo companies that it had allegedly compromised, including U.S. supply chain software giant Blue Yonder and German manufacturing giant Covestro. By the end of January, Clop added another 50 alleged Cleo mass-hack victims to its dark web leak site.

January 2025: New year, new Ivanti bugs under attack

The new year began with Ivanti falling victim to hackers yet again. The U.S. software giant alerted customers in early January 2025 that hackers were exploiting a new zero-day vulnerability in its enterprise VPN appliance to breach the networks of its corporate customers. Ivanti said that a “limited number” of customers were affected, but declined to say how many. The Shadowserver Foundation says its data shows hundreds of backdoored customer systems.

Fortinet firewall bugs exploited since December

Just days after Ivanti’s latest bug was disclosed, Fortinet confirmed that hackers had separately been exploiting a vulnerability in its firewalls to break into the networks of its corporate and enterprise customers. The flaw, which affects the cybersecurity company’s FortiGate firewalls, had been “mass exploited” as a zero-day bug since at least December 2024, according to security research firms. Fortinet declined to say how many customers were affected, but security research firms investigating the attacks noted intrusions affecting “tens” of affected devices.

SonicWall says hackers are remotely hacking customers

January 2025 remained a busy month for hackers exploiting bugs in enterprise security software. SonicWall said in late January that as-yet-unidentified hackers are exploiting a newly discovered vulnerability in one of its enterprise products to break into its customer networks. The vulnerability, which affects SonicWall’s SMA1000 remote access appliance, was discovered by Microsoft’s threat researchers and is “confirmed as being actively exploited in the wild,” according to SonicWall. The company hasn’t said how many of its customers have been affected or if the company has the technical ability to confirm, but with more than 2,300 devices exposed to the internet, this bug has the potential to be the latest mass hack of 2025.