Adversaries are increasingly inaugurating their offensives not with conventional malware, but by subverting legitimate remote access credentials. A recent incursion, meticulously analyzed by Huntress, highlights a disconcerting trend: after infiltrating a network via SonicWall...
Fortinet has warned administrators that real-world attacks are once again exploiting the vulnerability FG-IR-19-283 (CVE-2020-12812), first disclosed in July 2020. Under certain FortiGate configurations, the flaw allows attackers to bypass two-factor authentication and log...
Between June and July 2025, researchers recorded hundreds of thousands of password brute-force attempts targeting SSL VPN and RDP services. The source of the attacks was traced to the Ukrainian autonomous system FDN3 (AS211736),...
Since mid-July, a surge in ransomware attacks leveraging the Akira strain has been observed, specifically targeting SonicWall devices. According to cybersecurity firm Arctic Wolf, threat actors have been actively exploiting SSL VPN connections on...
NachoVPN NachoVPN is a Proof of Concept that demonstrates exploitation of SSL-VPN clients, using a rogue VPN server. It uses a plugin-based architecture so that support for additional SSL-VPN products can be contributed by...
The Norwegian National Cyber Security Centre (NCSC) strongly advises organizations to replace SSL VPN/WebVPN with more secure alternatives due to the frequent exploitation of vulnerabilities in network devices. This measure aims to protect corporate...
A critical vulnerability in Fortinet’s security systems has impacted approximately 150,000 devices worldwide. The vulnerability, CVE-2024-21762 (CVSS score: 9.8), is characterized as an out-of-bounds write issue in FortiOS, enabling an unauthenticated attacker to execute...
