Check Point releases emergency fix after hackers target VPNs  

Check Point released an emergency fix for its VPNs after hackers targeted them to breach corporate networks  

Published - May 31, 2024 04:33 pm IST

Check Point released an emergency fix for a zero-day vulnerability being exploited to target its Remote Access VPN devices.  

Check Point released an emergency fix for a zero-day vulnerability being exploited to target its Remote Access VPN devices.   | Photo Credit: Reuters

Check Point released an emergency fix for a zero-day vulnerability being exploited to target its Remote Access VPN devices.

Remote Access VPNs are integrated into all Check Point networks via VPN clients and were targeted to try to breach corporate networks.

The company on Monday issued a warning about a spike in attacks targeting VPN devices, sharing recommendations on how admins can protect their devices. Later the problem was found to be a zero-day flaw that was being exploited by hackers.

At the time the company said it had witnessed multiple attempts that when analysed were found to have the same pattern.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

“The vulnerability potentially allows an attacker to read certain information on Internet-connected Gateways with remote access VPN or mobile access enabled”, the company said in a blog post.

The company created an FAQ page with additional information about the vulnerability and created a remote access validation script that can be used to review results and take appropriate actions.

Check Point is the second company to have issued an alert warning customers of attacks on VPN devices. Earlier, Cisco also warned about widespread credential brute-forcing attacks targeting VPN and SSH services on Cisco, Check Point, Sonic Wall, Fortinet, and Ubiquiti devices.

The campaign reportedly started around 18 March with attacks originating from TOR exit nodes that are used to anonymize user access to a network to provide private web browsing increasing network security. The attack campaign was found using various anonymization tools and proxies to evade blocks, a report from Bleeping Computer said.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.