
‘Sophisticated threat actor’ is targeting Zyxel firewalls and VPNs

Customers of networking solutions products made by Zyxel have been warned that a “sophisticated” threat actor is actively targeting its firewalls and VPNs.

In a screenshot of an advisory posted on Twitter, the company advised users to tighten their security protocols in defense against the as-yet-unnamed attackers.

The letter reads: “We recently became aware of a sophisticated threat actor targeting a small subset of Zyxel security appliances that have remote management or SSL VPN enabled, namely in the USG/ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware. Those running the Nebula cloud management mode are not affected.

“We’re aware of the situation and have been working our best to investigate and resolve it.”

The attacker in question has been attempting to access devices over the WAN, Zyxel explained. If successful, the attacker could bypass authentication and connect to unknown accounts in the devices, “such as ‘zyxel_sllvpn’, ‘zyxel_ts’, or ‘zyxel_vpn_test’”.

Zyxel said the most effective way of reducing the attack surface is “maintaining a proper security policy for remote access”, including blocking unknown IP addresses and only enabling access from trusted locations.

The company advises users to disable HTTP/HTTPS services from WAN, unless they have to manage devices from the WAN side, and if so, to follow the above practices.
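The two checks described above (logins by the account names Zyxel listed, and management or VPN access from outside trusted locations) can be run over exported login records. The following is an added example, not code from Zyxel or the original article; the `key=value` log layout, the trusted networks, the sample lines and the function name `review` are all assumptions made for illustration.

```python
import ipaddress
import re

# Account names exactly as quoted in the advisory text above.
ADVISORY_ACCOUNTS = {"zyxel_sllvpn", "zyxel_ts", "zyxel_vpn_test"}

# Assumption: the only networks allowed to reach management or SSL VPN.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "10.0.0.0/8")]

# Assumption: a simplified key=value record, not the real ZLD log format.
LINE_RE = re.compile(
    r"user=(?P<user>\S+)\s+src=(?P<src>\S+)\s+service=(?P<svc>\S+)\s+result=(?P<result>\S+)"
)

# Constructed sample input (documentation-range addresses, invented timestamps).
SAMPLE_LOG = """\
2021-06-24T08:01:12Z user=admin src=192.0.2.15 service=https result=success
2021-06-24T08:03:40Z user=zyxel_ts src=203.0.113.77 service=sslvpn result=success
2021-06-24T08:05:02Z user=alice src=198.51.100.9 service=sslvpn result=success
2021-06-24T08:06:30Z user=admin src=198.51.100.9 service=https result=failure
garbage line that does not parse
"""

def review(log_text, known_users):
    """Return (line number, finding type, detail) tuples for suspicious records."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.search(line)
        if not m:
            continue  # skip records that do not match the assumed layout
        user, svc, result = m["user"], m["svc"], m["result"]
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            findings.append((lineno, "unparseable-source", user))
            continue
        # Any appearance of an advisory account name is reported, success or not.
        if user.lower() in ADVISORY_ACCOUNTS:
            findings.append((lineno, "advisory-account", user))
        elif user not in known_users and result == "success":
            findings.append((lineno, "unknown-account", user))
        # Remote management or VPN reached from outside the trusted networks.
        if svc in ("http", "https", "sslvpn") and not any(src in n for n in TRUSTED_NETS):
            findings.append((lineno, "untrusted-source", str(src)))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG, known_users={"admin", "alice"}):
        print(finding)
```
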

The Zyxel website contains a detailed account of best practices for securing a distributed network infrastructure.

Source: https://portswigger.net/daily-swig/sophisticated-threat-actor-is-targeting-zyxel-firewalls-and-vpns
