Check Point Warns Critical Auth Bypass Bug Exploited in the Wild
Check Point says a critical vulnerability in its Remote Access VPN and Mobile Access solutions has been exploited by Qilin
A VPN creates an encrypted tunnel between devices and a remote network, making its configuration and flaws important to privacy and access control.
Search across headline titles and summaries.
Background for this topic.
VPN (virtual private network) creates an encrypted tunnel between a device and a VPN gateway, or between networks, across an untrusted network such as the internet. It is commonly used for remote access and site-to-site connectivity. Encryption protects traffic in transit between the tunnel endpoints, but it does not secure a compromised device, protect data after it reaches the destination, or automatically make the VPN provider trustworthy; logging and traffic visibility depend on its configuration and operator.
VPN gateways are high-value entry points: vulnerabilities in internet-facing appliances, weak protocols or configurations, and stolen credentials can enable unauthorized access to internal systems. Organizations should patch and securely configure gateways, require phishing-resistant or otherwise strong multi-factor authentication where practical, restrict access and segment remote sessions, and monitor authentication and connection logs. During an incident, VPN account and gateway records can help identify access, while compromised gateways may require credential resets and network-wide review.
Weekly headline count for the current query.
Check Point says a critical vulnerability in its Remote Access VPN and Mobile Access solutions has been exploited by Qilin
First VPN, a service used by ransomware actors and fraudsters, was dismantled by Europol
The browser extension Urban VPN Proxy has been reportedly collecting users’ AI chat conversations
Beazley Security data finds the top cause of initial access for ransomware in Q3 was compromised VPN credentials
Forescout researchers discovered critical and high-severity vulnerabilities in several TP-Link VPN routers
A new campaign distributing the Stealit infostealer employs previously unknown malware delivery techniques and infrastructure
A new study by Zimperium has revealed serious risks in free VPN apps, exposing users to privacy threats and security flaws
Akira ransomware attacks on SonicWall SSL VPN appliances are bypassing its MFA for rapid deployment
A new report has mapped the tactical evolution of mule operators in the META region from VPNs to advanced fraud networks
Researchers detected that FreeVPN.One, a longstanding Chrome Web Store VPN extension, recently turned into spyware
Arctic Wolf has spotted an increase in Akira ransomware attacks targeting SonicWall SSL VPNs
Sophos found that compromise of network edge devices, such as VPN appliances, accounted for 30% of incidents impacted SMBs in 2024
Travelers found that ransomware groups are focusing on targeting weak credentials on VPN and gateway accounts for initial access, marking a shift from 2023
PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign
A variant of the WikiLoader malware was observed being delivered via SEO poisoning and spoofing Palo Alto Networks’ GlobalProtect VPN software
Forescout highlighted a 43% increase in published vulnerabilities in H1 2024, with attackers targeting flaws in VPNs and network infrastructure for initial access
The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens
These attacks did not exploit a vulnerability but instead leveraged weaker authentication methods
Volexity detects 1700 compromised Ivanti VPN devices following publication of two zero-days last week
The exploit code, shared by a researcher on Reddit, demonstrates the issue