Security News > 2021 > April > NSA: Russian Hackers Exploiting VPN Vulnerabilities - Patch Immediately
The U.S. government on Thursday warned that Russian APT operators are exploiting five known - and already patched - vulnerabilities in corporate VPN infrastructure products, insisting it is "critically important" to mitigate these issues immediately.
According to the NSA, the five vulnerabilities should be prioritized for patching alongside the newest batch of Exchange Server updates released by Microsoft earlier this week.
"Mitigation against these vulnerabilities is critically important as U.S. and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors," the NSA said.
The NSA's decision to pinpoint the five old security flaws suggests that many organizations are slow to apply the available fixes, especially during the pandemic when work-from-home expanded the need for VPN technologies.
"In addition to compromising the SolarWinds Orion software supply chain, recent SVR activities include targeting COVID-19 research facilities via WellMess malware and targeting networks through the VMware vulnerability disclosed by NSA," the agency said.
"[We] strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations," it added.