According to the NSA, multiple Advanced Persistent Threat (APT) actors have been exploiting multiple VPN vulnerabilities from several VPN products including Palo Alto GlobalProtect™ and Fortinet Fortigate™ products. These vulnerabilities allow threat actors to gain remote access to affected networks, which could result in breaches or worse. Patches are available from the VPN product vendors that mitigate the vulnerabilities. Although the advisory was issued in October 2019, current intelligence indicates that threat actors continue to exploit these unpatched VPN servers.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security