The Federal Bureau of Investigation (FBI) has issued a report of advanced persistent threat (APT) actors exploiting 0-day FatPipe MPVPN networking devices since at least May of 2021.
Iranian state-sponsored advanced persistent threat (APT) actors have been targeting and exploiting Microsoft Exchange and Fortinet vulnerabilities.
Palo Alto Networks has fixed a Critical PAN-OS vulnerability (CVE-2021-3064) in GlobalProtect Portal and Gateway Interfaces.
Citrix has addressed a Critical unauthenticated denial of service (DoS) vulnerability CVE-2021-22955 in ADC and Citrix Gateway products.
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint Cybersecurity Information Sheet selecting and securing remote access VPNs.
Threat actors from suspected North Korea APT group Kimsuky breached a South Korean atomic research institute via a VPN vulnerability.
SonicWall has released a new firmware update for SMA 100 Series 10.X And 9.X products. The latest update supersedes previous urgent patches that fixed a zero-day vulnerability CVE-2021-20016 earlier this month.
The FBI issued a private industry notification of cyber criminals targeting employee credentials via voice phishing or "vishing" attacks.
Security experts have warned about a high risk hardcoded credential vulnerability in Zyxel firewalls and AP controllers. Some sources have confirmed that bad actors have already ramped up exploits against the vulnerability.
Cybersecurity experts are warning hackers are targeting nearly 50,000 vulnerable unpatched Fortinet VPNs to steal passwords.