New ChaosBot Leveraging CiscoVPN and Active Directory Passwords

A new variant of the ChaosBot malware has been discovered exploiting CiscoVPN and Active Directory passwords to infiltrate corporate networks. This sophisticated malware targets vulnerabilities in VPN configurations and weak Active Directory credentials to gain unauthorized access, allowing attackers to deploy ransomware and steal sensitive data. Organizations using CiscoVPN are urged to update their systems and enforce strong password policies to mitigate this threat. The malware's ability to move laterally within networks highlights the importance of comprehensive endpoint security and continuous monitoring. This article delves into the technical details of ChaosBot's attack vectors, its impact on enterprise security, and best practices for defense. Cybersecurity teams must prioritize patch management and user education to prevent such intrusions. The rise of ChaosBot underscores the evolving tactics of cybercriminals exploiting trusted network components and credentials. Staying informed and proactive is critical to safeguarding digital assets against this emerging threat.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 10 Oct 2025 15:35:19 +0000

