CyberSecurityBoard
Sponsor Register Login

Enhance your VPN Security Posture!

Over the past few months, we have observed increased interest of malicious groups in leveraging remote-access VPN environments as an entry point and attack vector into enterprises.
Attackers are motivated to gain access to organizations over remote-access setups so they can try to discover relevant enterprise assets and users, seeking for vulnerabilities in order to gain persistence on key enterprise assets.
We have recently witnessed compromised VPN solutions, including various cyber security vendors.
In light of these events, we have been monitoring attempts to gain unauthorized access to VPNs of Check Point's customers.
By May 24, 2024 we identified a small number of login attempts using old VPN local-accounts relying on unrecommended password-only authentication method.
We have assembled special teams of Incident Response, Research, Technical Services and Products professionals which thoroughly explored those and any other potential related attempts.
Relying on these customers notifications and Check Point's analysis, the teams found within 24 hours a few potential customers which were subject to similar attempts.
Password-only authentication is considered an unfavourable method to ensure the highest levels of security, and we recommend not to rely on this when logging-in to network infrastructure.
Check Point has released a solution, as a preventative measure to address these unauthorised remote access attempts.
Check if you have local accounts, if they were used and by whom.
If you have local accounts which you want to use and are password-only authenticated, add another layer of authentication to increase your environments IT security.
As said, If you are a Check Point customer, deploy our solution on your Security Gateways.
This will automatically prevent unauthorized access to your VPNs by local accounts with password-only authentication method.
Learn more and receive practical guidance for configuration monitoring and practices to enhance your VPN security posture.
For any additional assistance required, please contact Check Point technical support Center or your local Check Point representative.
We value the collaboration of our customers and dedication of our teams to reach a solution which effectively addresses any such attempts.


This Cyber News was published on blog.checkpoint.com. Publication date: Mon, 27 May 2024 12:43:09 +0000


Cyber News related to Enhance your VPN Security Posture!

VPN for Your Phone: Key to Global Email Security While Traveling - You'll need to enter the details of your VPN connection, including the VPN name, type, server address, and any required authentication credentials. One essential way to use a VPN is to protect your email communications. A VPN can be side-loaded for ...
6 months ago Securityboulevard.com
The best VPN services for iPhone and iPad in 2023: Tested and reviewed - We've analyzed and ranked the top VPN services we've tested and researched over the years that offer solid iPhone and iPad clients, good performance, strong security and are suitable for the Apple ecosystem. Also: The best travel VPNs. Based on ...
6 months ago Zdnet.com
Zcaler ThreatLabz 2024 VPN Risk Report - The growing sophistication of cyberthreats alongside the expansion of remote workforces and cloud technologies have exposed significant vulnerabilities in VPNs. Due to their legacy architecture, VPNs grant overly broad network access once credentials ...
1 month ago Cybersecurity-insiders.com
Mullvad VPN Review: Features, Pricing, Pros & Cons - Visit Mullvad VPN. Mullvad VPN has built a solid reputation for being one of the best privacy-focused VPNs on the market. Visit Mullvad VPN. Mullvad offers a flat rate of €5 or $5.48 per month, regardless of subscription length. If you're looking ...
5 months ago Techrepublic.com
Atlas VPN Free vs. Premium: Which Plan Is Best For You? - When VPN providers offer free versions, you may be inclined to stick with that version. Atlas VPN Free is a lifetime-free version of the Atlas VPN service, which allows users to enjoy VPN services in four locations. In comparison, Atlas VPN Premium ...
4 months ago Techrepublic.com
Cybersecurity Insiders - As the threat landscape rapidly evolves, VPNs cannot provide the secure, segmented access organizations need. The 2023 VPN Risk Report reveals the complexity of today's VPN management, user experience issues, vulnerabilities to diverse cyberattacks, ...
6 months ago Cybersecurity-insiders.com
5 Best VPNs for Travel in 2024 - VPNs are software that encrypt your online activity and adjust your IP address, protecting sensitive company data and allowing you to access geo-restricted content at the same time. In this article, we take a look at the five best VPNs for travelers. ...
3 months ago Techrepublic.com
The best VPN deals right now - You may be able to find offers for a VPN free trial, but you'll typically only get seven days free with limited bandwidth and a restricted number of servers. The best VPN deal is for Surfshark, a reliable and easy-to-use VPN with consistently low ...
5 months ago Zdnet.com
5 Best VPNs for Android in 2024 - See details VIsit ProtonVPN. see details Visit CyberGhost VPN. As more Android users rely on their smartphones to surf the web, virtual private networks have become essential tools to help secure your mobile connection, no matter where you are. One ...
5 months ago Techrepublic.com
What is Security Posture? - Security posture is a term often mentioned in cybersecurity, with businesses often told to improve or maintain a robust security posture. With the onset of 2024, now is a better time than ever to take stock of your company's security posture and plan ...
6 months ago Securityboulevard.com
Best VPN for streaming in 2023 - If you're traveling, or looking to avoid location-based blackouts for sports, you can often connect to a VPN server and use your streaming account to watch. In return, VPN vendors go to great lengths to make the case that their services can be used ...
6 months ago Zdnet.com
A Cybersecurity Risk Assessment Guide for Leaders - Now more than ever, keeping your cyber risk in check is crucial. In the first half of 2022's Cyber Risk Index, 85% of the survey's 4,100 global respondents said it's somewhat to very likely they will experience a cyber attack in the next 12 months. ...
1 year ago Trendmicro.com
Understanding the Complexities of VPNs: Balancing Privacy and Security in the Digital Age - A U.S. traveler in Europe might face restrictions accessing certain paid streaming services available in the U.S., which can be circumvented by a VPN masking the local European IP address, thus granting access to U.S.-based content. While VPNs appear ...
1 month ago Cysecurity.news
How to Check if Your VPN is Working and Troubleshoot if It Won't Connect - Having issues while connecting to a Virtual Private Network (VPN) can be frustrating, as it can prevent you from accessing a variety of services. There are a few things that you should know and check before addressing the issue fully. In this ...
1 year ago Zdnet.com
6 Best Anonymous VPNs for 2024 - VPNs are primarily used to secure online traffic and help users remain anonymous to avoid targeted ads, hide their location or ensure the security and privacy of their personal data. Though many VPN providers may advertise having a no-logs policy, ...
5 months ago Techrepublic.com
Why Automation and Consolidation are Key to Restoring Confidence in Cybersecurity - Our research shows that security leaders would need to find a 40% budget increase to restore confidence in their security posture. It's unsurprising that a lack of security skills and budget - both for training as well as general cybersecurity - are ...
6 months ago Securityboulevard.com
2024 Trends for Securing Your Business Premises: Essential Strategies and Technologies - As you look ahead to 2024, the landscape of physical security is evolving rapidly, with new trends emerging that could reshape how you protect your business premises. Advances in technology, such as artificial intelligence, are playing a pivotal role ...
6 months ago Hackread.com
6 Benefits of Vulnerability Management - Vulnerability management is an ongoing process that helps identify, evaluate, remediate, and mitigate computer and software system vulnerabilities. It's a vital tactic in managing IT environment cybersecurity risks. Since vulnerabilities are ...
3 months ago Hackersonlineclub.com
ZTNA over VPN Can Be a Good Place to Start Your Zero Trust Journey - Zero-trust network access has become the leading project for organizations looking to adopt zero-trust principles. Gartner predicts that 60% of organizations will be adopting zero trust by 2025,1 so there are lots of zero-trust projects going on. As ...
6 months ago Feeds.fortinet.com
Ivanti VPN Zero-Day Flaws Fuel Widespread Cyber Attacks - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
5 months ago Hackread.com
Mobile Device Security: Protecting Your Smartphone - To ensure the safety of your smartphone and protect your personal data from unauthorized access, it is crucial to take proactive steps to enhance mobile device security. Enable device encryption: Enable device encryption on your smartphone to protect ...
5 months ago Securityzap.com
Defend Your Business: Testing Your Security Against QakBot and Black Basta Ransomware - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
1 month ago Securityboulevard.com
What is Biometric Security? Your Body Becomes Your Key - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
5 months ago Hackersonlineclub.com
Salt Security Delivers API Posture Governance Engine - PRESS RELEASE. PALO ALTO, Calif., Jan. 17, 2024 /PRNewswire/ - Salt Security, the leading API security company, today announced multiple advancements in discovery, posture management and AI-based threat protection to the industry leading Salt ...
5 months ago Darkreading.com
Salt Security, API Posture Governance, and the NIST Cybersecurity Framework 2.0 - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
3 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)