Cisco warns of large-scale brute-force attacks against VPN services
Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. [...]
Ubiquiti produces network equipment and software whose vulnerabilities, exposed management interfaces, and insecure configurations can affect organizations.
Search across headline titles and summaries.
Background for this topic.
Ubiquiti is a networking-equipment brand whose ecosystem includes wireless access points, switches, routers and gateways, cameras, and centralized management software such as UniFi. These devices often sit directly on an organization’s network, while management may be performed through a local controller or a vendor-linked cloud account, making their security relevant beyond the individual appliance.
Security reporting commonly concerns firmware vulnerabilities, exposed administrative interfaces, insecure configuration, and compromise of controller or cloud credentials. A flaw in a gateway or controller could allow unauthorized configuration changes, network access, or visibility into connected devices; exposure depends on the product, version, and deployment. Practitioners should inventory models and firmware, restrict management planes from the public internet, enforce strong unique administrator authentication and multi-factor authentication where supported, review remote-management settings and logs, and apply vendor updates through a documented lifecycle. During an incident, preserve controller and gateway logs and check for altered accounts, firewall rules, DNS settings, or newly adopted devices.
Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. [...]