NSA: Russian Hackers Exploiting VPN Vulnerabilities - Patch Immediately
The U.S. government on Thursday warned that Russian APT operators are exploiting five known - and already patched - vulnerabilities in corporate VPN infrastructure products, insisting it is "critically important" to mitigate these issues immediately.
According to the NSA, the five vulnerabilities should be prioritized for patching alongside the newest batch of Exchange Server updates released by Microsoft earlier this week.
"Mitigation against these vulnerabilities is critically important as U.S. and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors," the NSA said.
The NSA's decision to pinpoint the five old security flaws suggests that many organizations are slow to apply the available fixes, especially during the pandemic when work-from-home expanded the need for VPN technologies.
"In addition to compromising the SolarWinds Orion software supply chain, recent SVR activities include targeting COVID-19 research facilities via WellMess malware and targeting networks through the VMware vulnerability disclosed by NSA," the agency said.
"[We] strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations," it added.