Threat Awareness – Threat Actors Target Insecure VPN Instances for Initial Access to Enterprise Networks

WaterISAC is sharing this recent threat actor behavior for member awareness. Threat actors have been identified targeting VPN solutions from various cybersecurity vendors for initial access into enterprise networks. Cybersecurity firm Check Point has monitored such login attempts where attackers leveraged old VPN local accounts with password-only authentication and don’t appear to involve exploitation of a software vulnerability.