The company has released a standard operating procedure to guide users through setting up a remote access policy and is also working on a hotfix with further countermeasures to mitigate the threat. Vulnerability Disclosureįollowing the disclosure of the vulnerability, Zyxel says it determined that maintaining best practices for remote access security policies could help prevent attacks. The attackers are using hard-coded accounts to access a device through WANs, Zyxel reports. "The threat actor attempts to access a device through WAN if successful, they then bypass authentication and establish SSL VPN tunnels with unknown user accounts, such as 'zyxel_sllvpn', 'zyxel_ts', or 'zyxel_vpn_test', to manipulate the device’s configuration," the company says in a statement. The company says that attackers are targeting its enterprise firewall and VPN server solutions in the USG, ATP, USG FLEX, ZyWALL and VPN series that have remote management or SSL VPN enabled. See Also: Leading Medical Technology Provider Gains Deep Visibility into Its Manufacturing Processes Zyxel, a Taiwanese networking device manufacturer, is notifying customers about an ongoing series of attacks on some of its enterprise firewall and VPN products and is advising users to maintain proper remote access security policies as it prepares a hotfix.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |