Credential spraying from thousands of IP addresses are targeting VPNs, Cisco warns



For a month now, hackers have been mounting a large-scale credential stuffing attack against multiple Virtual Private Network (VPN) instances around the world. At the moment, it’s hard to say who is behind the attack, or what the motives are, but researchers have some clues.

As reported by Ars Technica, Cisco’s Talos security team recently warned of an ongoing campaign in which attackers keep trying more than 2,000 usernames and some 100 passwords against different VPNs. Some of the products in the attackers’ crosshairs include Cisco Secure Firewall VPN, Checkpoint VPN, Fortinet VPN, SonicWall VPN, RD Web Services, Mikrotik, Draytek, and Ubiquiti, however others could be targeted, as well.



Source Article Link

Leave a Comment