Hundreds of British organisations are vulnerable to VPN attacks being launched by sophisticated Advanced Persistent Threat (APT) actors, who are actively exploiting vulnerabilities in a trio of commercial VPN products, the NCSC has warned.
The organisation, overseen by GCHQ, warned: “This activity is ongoing, targeting both UK and international organisations. Affected sectors include government, military, academic, business and healthcare. These vulnerabilities are well documented in open source, and industry data indicates that hundreds of UK hosts may be vulnerable.”
VPN Attacks Allow “Secondary Exploits Aimed at Accessing a Root Shell”
The warning last