Hackers are targeting Cisco Adaptive Security Appliance (ASA) SSL VPNs in credential stuffing and brute-force attacks that take advantage of lapses in security defenses, such as not enforcing multi-factor authentication (MFA).
Last week, BleepingComputer reported that the Akira ransomware gang was breaching Cisco VPNs for initial network access.
Rapid7 security researchers have provided additional insights regarding these incidents in a report published on Tuesday, revealing that attackers have been directing their efforts towards these devices since March of this year in brute force attacks designed to guess the targets’ login credentials.
Read more at Bleeping Computer.