Security News > 2024 > March > Cisco warns of password-spraying attacks targeting VPN services

Cisco warns of password-spraying attacks targeting VPN services
2024-03-28 16:37

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN services configured on Cisco Secure Firewall devices.

The company says that the attacks have also been targeting other remote access VPN services and appear to be part of reconnaissance activity.

During a password-spraying attack, an adversary tries the same password with multiple accounts in an attempt to log in.

Cisco's mitigation guide lists indicators of compromise for this activity to help detect the attacks and block them.

' The connection is based on the particular targeting scope and attack patterns.

The attacks that Martin observed initially targeted SSLVPN appliances from Fortinet, Palo Alto, SonicWall, and Cisco but have now expanded to also include web apps that use Active Directory for authentication.


News URL

https://www.bleepingcomputer.com/news/security/cisco-warns-of-password-spraying-attacks-targeting-vpn-services/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751