VPN | OSG: Bits, Bytes and Packets

Skip navigation

Category Archives: VPN

VPN brute force attacks: Your logs are full of them (guaranteed)

April 16, 2024 – 1:10 pm
Posted in Attacks, Community, Computers and Internet, Cyber security, HAck, VPN
Tagged BigMama Proxy, Bleepingcomputer.com, Checkpoint VPN, Cisco, Cisco Secure Firewall VPN, Cisco Talos, Draytek, FortiOS SSL-VPN, IPIDEA Proxy, Miktrotik, Nexus Proxy, Proxy Rack, RD Web Services, SonicWall VPN, Space Proxies, TOR, Ubiquiti, VPN, VPN Gate
Leave a Comment

https://www.bleepingcomputer.com/news/security/cisco-warns-of-large-scale-brute-force-attacks-against-vpn-services

Make sure you are using MFA for every account that has remote access and check all remote access points; not just VPNs.

Ivanti Connect Secure/Pulse Secure

December 9, 2023 – 5:05 pm
Posted in Attacks, Business Continuity, CISA, Computers and Internet, Cyber security, Exploit Warning, Patch Available, Technology, VPN, Vulnerability Management
Tagged Bleepingcomputer.com, Ivanti, Ivanti Connect Secure, Pulse Secure
Leave a Comment

If you are not caught up on patches, get so quickly. In addition to password spraying, we are seeing a large pickup in exploit attempts. The most recent version is Release 9.1R18.2 PRs. You can find the notes here: https://help.ivanti.com/ps/help/en_US/ICS/9.1RX/rn-9.1R18.2/fixed-issues.htm. It was only May, 2021 when actors were exploiting zero-days. The impact of that vulnerability caused Pulse Secure to release an Integrity Tool to check if files had been modified on the appliances.

Now might be a good time to refamiliarize yourself with the tool if you are not familiar https://forums.ivanti.com/s/article/KB44755?language=en_US

Ivanti Best Practices Guide https://forums.ivanti.com/s/article/KB29805?language=en_US&kA1j0000000Fil5=

If you haven’t patched GoAnywhere Managed File Transfer (MFT) do it right now (Though it might be too late).

March 28, 2023 – 5:46 pm
Posted in Attacks, Business Continuity, Computers and Internet, Cyber security, Disaster Recovery, Exploit Warning, HAck, Patch Available, ransomware, Technology, VPN, Vulnerability, Zero Day
Tagged CVE-2023-0669, GoAnywhere, securityweek.com
Leave a Comment

https://www.securityweek.com/goanywhere-zero-day-attack-hits-major-orgs/

SSL-VPN zero-day vulnerability

December 13, 2022 – 1:47 pm
Posted in Attacks, Computers and Internet, Cyber security, HAck, Outage, Patch Available, Technology, VPN, Vulnerability, Zero Day
Tagged CWE-122, SSL-VPN
Leave a Comment

Anyone else seeing other impacted products? What else is vulnerable to ” heap-based buffer overflow vulnerability [CWE-122]”

PSIRT Advisory: Patch FortiOS SSL-VPN ASAP

December 13, 2022 – 10:59 am
Posted in Attacks, Breaking, Computers and Internet, Cyber security, Exploit Warning, HAck, Patch Available, Technology, VPN, Vulnerability
Tagged CVE-2022-42475, Fortigate, FortiGuard Labs Research, Fortinet, FortiOS SSL-VPN, heap-based buffer overflow, RCE
Leave a Comment

https://www.fortiguard.com/psirt/FG-IR-22-398

JIT for Black Friday shopping: FBI releases tips to help protect your systems, your data and your money safe

November 25, 2022 – 12:19 pm
Posted in Card theft, Cloud, Community, Computers and Internet, Cyber security, FBI, Fraud, Leaked Credentials, Phishing, Privacy, Security Education, Social Engineering, Spam, Technology, VPN
Tagged data, fbi.gov, IC3.gov, internet, Systems
Leave a Comment

https://www.fbi.gov/how-we-can-help-you/safety-resources/scams-and-safety/on-the-internet

Credential stuffing attacks are using residential proxies (hacked devices)

August 22, 2022 – 5:58 pm
Posted in Attacks, Cloud, Computers and Internet, Cyber security, FBI, HAck, IoT, Malware, Technology, VPN
Tagged Credential Stuffing, IC3, Private Industry Notification, proxy
Leave a Comment

https://www.bleepingcomputer.com/news/security/fbi-warns-of-residential-proxies-used-in-credential-stuffing-attacks/

Cisco: Upgrade (replace) EoL VPN devices

Cisco tells customers to upgrade VPN routers or risk attack (msn.com)

CISA/FBI/ACSC/NCSC release joint advisory concerning vulnerabilities in Fortinet and Microsoft Exchange products. These are not new vulnerabilities but remain exploited

November 17, 2021 – 5:07 pm
Posted in Attacks, Business Continuity, CISA, Community, Computers and Internet, Cyber security, Disaster Recovery, Exchange, Exploit Warning, FBI, HAck, Microsoft, Microsoft Patches, Patch Available, ransomware, Virus, VPN
Tagged ACSC, CVE-2018-13379, CVE-2019-5591, CVE-2020-12812, CVE-2021-34473, Fortinet, Fortinet FortiOS, NCSC
Leave a Comment

https://www.bleepingcomputer.com/news/security/us-uk-warn-of-iranian-hackers-exploiting-microsoft-exchange-fortinet/

FBI advised that it is aware an APT exploited a Zero-day in FatPipe MPVPN servers for 6 months but don’t name the actor. Patch released.

November 17, 2021 – 4:13 pm
Posted in Attacks, Computers and Internet, Cyber security, Exploit Warning, FBI, HAck, Patch Available, Technology, VPN, Vulnerability, WFH, Zero Day
Leave a Comment

https://therecord.media/fbi-an-apt-abused-a-zero-day-in-fatpipe-vpns-for-six-months/