Cisco fixes VPN DoS flaw discovered in password spray attacks

October 24, 2024 at 02:13PM Cisco addressed a denial of service vulnerability (CVE-2024-20481) affecting its ASA and FTD software, discovered during large-scale brute-force attacks. This flaw allows unauthenticated remote attackers to exhaust resources of the RAVPN service. Cisco also issued advisories for 42 other vulnerabilities, urging immediate patching. ### Meeting Takeaways 1. **Vulnerability Fix:** – … Read more

Cisco ASA, FTD Software Under Active VPN Exploitation

October 24, 2024 at 11:59AM Cisco has quickly released a patch for a medium-severity DoS vulnerability (CVE-2024-20481) in its VPN software, which is actively exploited. The flaw allows attackers to overload the system with authentication requests. Cisco advises updating software and implementing security measures to mitigate risks, as no workarounds are available. ### Meeting Takeaways … Read more

Check Point VPN zero-day exploited in attacks since April 30

May 29, 2024 at 03:45PM Threat actors are exploiting a high-severity zero-day vulnerability in Check Point Remote Access VPN, stealing Active Directory data to move through victims’ networks. Check Point warns customers of attackers targeting their security gateways using old VPN local accounts with insecure password-only authentication. The company has released hotfixes to block exploitation … Read more

Attackers Target Check Point VPNs to Access Corporate Networks

May 28, 2024 at 03:37PM Researchers have seen a rise in attackers using remote access VPNs for unauthorized network access. Check Point’s leadership noted three such attempts and advised organizations to strengthen VPN security by requiring more than just passwords. Industry experts recommend modern authentication methods and transitioning to Zero Trust Network Access for better … Read more

Cisco warns of password-spraying attacks targeting VPN services

March 28, 2024 at 12:38PM Cisco has released recommendations to address password-spraying attacks targeting Remote Access VPN services on Cisco Secure Firewall devices, which are believed to be part of reconnaissance activity. The company suggests indicators of compromise for detection and blocking, such as abnormal authentication requests and inability to establish VPN connections. Security researcher … Read more