New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products

November 27, 2024 at 04:59AM Researchers from AmberWolf revealed a new attack method targeting corporate VPN clients, exposing vulnerabilities in widely used software like Palo Alto Networks and SonicWall. They published NachoVPN, an open-source tool to demonstrate these exploits. While patches exist, exploitation requires users to connect to rogue servers, often via social engineering. ### … Read more

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks

August 12, 2024 at 03:45AM Vulnerabilities in Ewon Cosy+ industrial remote access solution could allow attackers to gain root privileges, decrypt encrypted data, and hijack VPN sessions, posing significant security risks. The findings were presented at DEF CON 32. Attackers could exploit OpenVPN vulnerabilities to gain administrative and ultimately root access, compromise VPN sessions, and … Read more

Time to zero in on Zero Trust?

June 12, 2024 at 11:18PM Companies in the ASEAN region traditionally relied on VPNs for internet traffic encryption and user identity protection. However, a recent cyber attack targeting VPN vulnerabilities has raised concerns. The post-pandemic shift to remote and hybrid working in ASEAN countries poses new cyber security challenges. Cloudflare advocates a Zero Trust Security … Read more