CyberSecurityBoard
Sponsor Register Login

Ongoing enterprise hacking campaign targets Check Point VPNs

Intrusions infiltrating enterprise networks through Check Point Remote Access VPN instances are underway, according to BleepingComputer.
Attackers have conducted three attempts to compromise Check Point VPN solutions through old VPN local accounts using password-only authentication, an advisory from Check Point warned.
Organizations have been urged to better defend their systems by adopting more secure authentication options and removing vulnerable local accounts, as well as implementing a Security Gateway hotfix that would prevent purely password-protected accounts from accessing Remote Access VPN. Such an advisory from Check Point comes more than a month after a Cisco alert noting extensive credential brute-force intrusions against Check Point, Cisco, SonicWall, Fortinet, and Ubiquiti devices' VPN and SSH services.


This Cyber News was published on packetstormsecurity.com. Publication date: Tue, 28 May 2024 17:13:06 +0000


Cyber News related to Ongoing enterprise hacking campaign targets Check Point VPNs

Encouraging Ethical Hacking Skills in Students - This article delves into the significance of encouraging ethical hacking skills in students and the numerous benefits it offers to individuals and society as a whole. Possessing ethical hacking skills can provide students with a competitive advantage ...
11 months ago Securityzap.com
Zcaler ThreatLabz 2024 VPN Risk Report - The growing sophistication of cyberthreats alongside the expansion of remote workforces and cloud technologies have exposed significant vulnerabilities in VPNs. Due to their legacy architecture, VPNs grant overly broad network access once credentials ...
6 months ago Cybersecurity-insiders.com
5 Best VPNs for Travel in 2024 - VPNs are software that encrypt your online activity and adjust your IP address, protecting sensitive company data and allowing you to access geo-restricted content at the same time. In this article, we take a look at the five best VPNs for travelers. ...
8 months ago Techrepublic.com
Attackers Target Check Point VPNs to Access Corporate Networks - In recent months, researchers have observed an increase in attackers using remote access virtual private networks as a golden ticket for initial network access. Multiple cybersecurity vendors' solutions have been compromised, according to a recent ...
6 months ago Darkreading.com
Unveiling Free VPN Risks: Protecting Online Privacy and Security - If you're seeking enhanced security and privacy for your online activities, you might be considering the use of a Virtual Private Network. Virtual Private Networks are specifically crafted to accomplish this task. A quality VPN channels your web ...
10 months ago Cysecurity.news
Check Point warns of threat actors targeting VPNs - Check Point Software Technologies warned of attempted attacks against its VPNs by targeting accounts that use passwords as the only means of authentication. The warning came via a Monday blog post urging readers to improve their VPN security ...
6 months ago Techtarget.com
CVE-2020-8023 - A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of ...
4 years ago
Hackers target Check Point VPNs to breach enterprise networks - Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company warned in a Monday advisory. Remote Access is integrated into all Check Point network firewalls. It can be configured ...
6 months ago Bleepingcomputer.com
GigaOm's Cloud Network Security Radar Ranks Check Point as the Industry Leader - This article introduces GigaOm's inaugural Radar for Cloud Network Security and explains why Check Point was ranked as the Leader as well as a Fast Mover. Firstly, it is the cloudified version of Check Point's on-premises network security, from which ...
11 months ago Blog.checkpoint.com
CVE-2008-7092 - Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a ...
7 years ago
VPN for Your Phone: Key to Global Email Security While Traveling - You'll need to enter the details of your VPN connection, including the VPN name, type, server address, and any required authentication credentials. One essential way to use a VPN is to protect your email communications. A VPN can be side-loaded for ...
11 months ago Securityboulevard.com
Check Point discovers vulnerability tied to VPN attacks - Check Point Software Technologies disclosed a zero-day vulnerability connected to recent attempted attacks against its VPN technology. The cybersecurity vendor advised customers against using password-only authentication for local accounts and issued ...
6 months ago Techtarget.com
Ongoing enterprise hacking campaign targets Check Point VPNs - Intrusions infiltrating enterprise networks through Check Point Remote Access VPN instances are underway, according to BleepingComputer. Attackers have conducted three attempts to compromise Check Point VPN solutions through old VPN local accounts ...
6 months ago Packetstormsecurity.com
6 Best Anonymous VPNs for 2024 - VPNs are primarily used to secure online traffic and help users remain anonymous to avoid targeted ads, hide their location or ensure the security and privacy of their personal data. Though many VPN providers may advertise having a no-logs policy, ...
10 months ago Techrepublic.com
5 Best VPNs for Android in 2024 - See details VIsit ProtonVPN. see details Visit CyberGhost VPN. As more Android users rely on their smartphones to surf the web, virtual private networks have become essential tools to help secure your mobile connection, no matter where you are. One ...
10 months ago Techrepublic.com
Understanding the Complexities of VPNs: Balancing Privacy and Security in the Digital Age - A U.S. traveler in Europe might face restrictions accessing certain paid streaming services available in the U.S., which can be circumvented by a VPN masking the local European IP address, thus granting access to U.S.-based content. While VPNs appear ...
6 months ago Cysecurity.news
Enhance your VPN Security Posture! - Over the past few months, we have observed increased interest of malicious groups in leveraging remote-access VPN environments as an entry point and attack vector into enterprises. Attackers are motivated to gain access to organizations over ...
6 months ago Blog.checkpoint.com
Check Point VPN zero-day exploited in attacks since April 30 - Threat actors have been exploiting a high-severity Check Point Remote Access VPN zero-day since at least April 30, stealing Active Directory data needed to move laterally through the victims' networks in successful attacks. Check Point warned ...
6 months ago Bleepingcomputer.com
Iranian Phishing Campaign Targets Israel-Hamas War Experts - Iran-linked threat actors are targeting high-profile researchers working on the Israel-Hamas conflict via a sophisticated social engineering campaign, according to Microsoft Threat Intelligence. The threat actor Mint Sandstorm, which has ties to ...
10 months ago Infosecurity-magazine.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
5 months ago Securityweek.com
UAE Cybersecurity Official Warns of VPN Abuse - The top cyber official in the United Arab Emirates worries that virtual private networks are being misused in the country. UAE residents increased their downloads of VPN apps by 1.83 million in 2023, reaching a total of 6.1 million, according to the ...
9 months ago Darkreading.com
China's Dogged Campaign to Portray Itself as Victim of US Hacking - For more than two years, China's government has been attempting to portray the US as indulging in the same kind of cyber espionage and intrusion activities as the latter has accused of carrying out over the past several years. A recent examination of ...
9 months ago Darkreading.com
Dutch hacker jailed for extortion, selling stolen data on RaidForums - A former Dutch cybersecurity professional was sentenced to four years in prison after being found guilty of hacking and blackmailing more than a dozen companies in the Netherlands and worldwide. The suspect, a 21-year-old man from Zandvoort named ...
1 year ago Bleepingcomputer.com
Russian Cyberattackers Launch Multiphase PsyOps Campaign - Russia-linked threat actors employed both PysOps and spear-phishing to target users over several months at the end of 2023 in a multiwave campaign aimed at spreading misinformation in Ukraine and stealing Microsoft 365 credentials across Europe. The ...
9 months ago Darkreading.com
Cybersecurity Insiders - As the threat landscape rapidly evolves, VPNs cannot provide the secure, segmented access organizations need. The 2023 VPN Risk Report reveals the complexity of today's VPN management, user experience issues, vulnerabilities to diverse cyberattacks, ...
11 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)