Stay updated with breaking news from Sean nikkei. Get real-time updates on events, politics, business, and more. Visit us for reliable news and exclusive interviews.
VPN Attacks Surged in First Quarter But volume of malware, botnet, and other exploit activity declined because of the Emotet botnet takedown. Attacks against virtual private network (VPN) products from Fortinet and Pulse Secure surged dramatically in the first quarter of 2021 as threats actors tried to take advantage of previously disclosed vulnerabilities that organizations had not patched. Log data collected by Nuspire from thousands of devices at customer locations show attacks against Fortinet s SSL-VPN increased 1,916% from the beginning of the quarter as threat actors tried to exploit a path traversal vulnerability in the technology (CVE-2018-13379) that could allow unauthenticated attackers to download files. Attacks targeting Pulse Connect Secure VPNs, meanwhile, jumped 1,527% during the same period as adversaries went after an arbitrary file disclosure vulnerability in the product (CVE-2019-11510) with a maximum possibility severity rating of 10. ....
В 1 квартале 2021 года число атак на VPN-устройства выросло на более чем 1000% securitylab.ru - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from securitylab.ru Daily Mail and Mail on Sunday newspapers.
The alert does not point to any specific new and recent threats or attacks from APT29 (aka Cozy Bear, Dukes, and Yttrium) targeting organizations in these sectors. But it does note the longstanding threat the group has posed to US organizations and the group s use of customized tools to maximize stealth and to move laterally within victim networks. Since at least 2018, the group has shifted from predominantly targeting on-premises assets to targeting cloud-hosted email and other cloud resources, the three agencies say. [SVR] will continue to seek intelligence from US and foreign entities through cyber exploitation, using a range of initial exploitation techniques that vary in sophistication, coupled with stealthy intrusion tradecraft within compromised networks, the alert notes. ....