Nation State Actors Hitting UK with VPN Attacks, Warns NCSC


“This activity is ongoing, targeting both UK and international organisations”


Hundreds of British organisations are vulnerable to VPN attacks being launched by sophisticated Advanced Persistent Threat (APT) actors, who are actively exploiting vulnerabilities in a trio of commercial VPN products, the NCSC has warned.


The organisation, overseen by GCHQ, warned: “This activity is ongoing, targeting both UK and international organisations. Affected sectors include government, military, academic, business and healthcare. These vulnerabilities are well documented in open source, and industry data indicates that hundreds of UK hosts may be vulnerable.”


VPN Attacks Allow “Secondary Exploits Aimed at Accessing a Root Shell”


The warning last week comes three months after the US’s Department of Homeland Security highlighted the vulnerabilities in Fortinet, Palo Alto and Pulse VPN products, warning that “A remote attacker could… take control of an affected system”.


The highest-impact vulnerabilities known to be exploited by APTs are listed below, although this is not an exhaustive list of CVEs associated with these products.


Sample exploit code for these vulnerabilities is publicly available online. The NCSC cautions against testing infrastructure with untrusted third-party code.


The main CVEs being exploited are the following:


Pulse Connect Secure:


Fortinet:


CVE-2018-13379: Pre-auth arbitrary file reading