{"id":89465,"date":"2024-08-28T08:00:46","date_gmt":"2024-08-28T15:00:46","guid":{"rendered":"https:\/\/forescoutstage.wpengine.com\/?p=89465"},"modified":"2024-09-09T15:02:11","modified_gmt":"2024-09-09T22:02:11","slug":"vpn-vulnerabilities-cyber-attacks","status":"publish","type":"post","link":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/","title":{"rendered":"VPN Vulnerabilities As a Target: Virtual Private Not At All"},"content":{"rendered":"<p>If you thought VPNs were secure or private, think again.<\/p>\n<p>Our most recent research, \u201cPerils in the Periphery\u201d, examines threat data from January 1 to July 31, 2024 (2024H1) compared with our data from the first half of 2023.\u00a0 We discovered \u00a0two observable and notable trends:<\/p>\n<ol>\n<li><strong>VPN vulnerabilities<\/strong> are heavily targeted by major threat groups<\/li>\n<li>State-sponsored actors are using hacktivist personas as a disguise<\/li>\n<\/ol>\n<p>The first half of 2024 has also had changes to the threat landscape, including a 43% surge in published vulnerabilities and an increase in ransomware incidents. Understanding all of these new threats is essential for improving an organization\u2019s security posture and <a href=\"\/glossary\/cyber-resilience\/\">cyber resilience<\/a>.<\/p>\n<div style=\"display: block; margin: 10px; border-top: 1px solid #CCCCCC; border-bottom: 1px solid #CCCCCC; padding: 10px;\">\n<h4>2024H1 Threat Review: Perils in the Periphery<\/h4>\n<p class=\"u-display-flex u-flex-wrap u-gap\"><a href=\"\/research-labs\/2024h1-threat-review\/\"  title=\"GET The Full Report\" class=\"c-btn c-btn--primary c-btn--outline u-flex-auto u-flex-initial@sm u-justify-center u-justify-start@sm has-icon icon-arrow-right icon-position-right has-icon-animation icon-animation-fade-in\"><span class=\"cta-button-text\">GET The Full Report<\/span><\/a>\n<\/div>\n<p>&nbsp;<\/p>\n<h3>VPN Vulnerabilities Are Massive Targets<\/h3>\n<p>The trend of exploits targeting perimeter and network infrastructure devices has only increased in 2024H1. VPNs have been a primary target during this period as threat actors have exploited a series of vulnerabilities in widely used solutions, such as <strong>Ivanti Connect Secure<\/strong>, <strong>Cisco Adaptive Security Appliance<\/strong> (ASA), <strong>Firepower Threat Defense<\/strong> (FTD) and <strong>FortiOS SSL VPN<\/strong>, leading to unauthorized access.<\/p>\n<p>These <strong>attacks frequently utilized zero-days or recently disclosed vulnerabilities that had not yet been patched<\/strong>. The motivations behind these attacks typically included espionage, data theft and the disruption of critical services, particularly in sectors heavily reliant on remote access. Specific examples include:<\/p>\n<ul>\n<li>Chinese APTs, such as Volt Typhoon, are exploiting FortiOS SSLVPN vulnerabilities for initial access and deploy custom malware on over 20,000 devices worldwide, including a <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/chinese-hackers-breached-20-000-fortigate-systems-worldwide\/\" target=\"_blank\" rel=\"noopener\">Dutch military network<\/a>.<\/li>\n<li>The <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks\/\" target=\"_blank\" rel=\"noopener\">ArcaneDoor<\/a> campaign, attributed to STORM-1849, gained unauthorized access to government networks worldwide via Cisco&#8217;s SSL VPN services.<\/li>\n<li>The Chinese group <a href=\"https:\/\/www.recordedfuture.com\/redjuliett-intensifies-taiwanese-cyber-espionage-via-network-perimeter\" target=\"_blank\" rel=\"noopener\">RedJuliett<\/a> exploits known vulnerabilities in firewalls, VPN appliances and load balancers to gain initial access into Taiwanese organizations for intelligence gathering.<\/li>\n<\/ul>\n<p>In response to this wave of attacks, CISA released a guide on \u201c<a href=\"https:\/\/www.cisa.gov\/sites\/default\/files\/2024-06\/joint-guide-modern-approaches-to-secure-network-access-security-508c.pdf\" target=\"_blank\" rel=\"noopener\">modern approaches to network access security<\/a>\u201d discussing how organizations can replace VPNs with solutions including SASE. Similarly, Norway\u2019s cybersecurity center <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/norway-recommends-replacing-ssl-vpn-to-prevent-breaches\/\" target=\"_blank\" rel=\"noopener\">recommended<\/a> that organizations replace their SSL VPN solutions with alternatives using IPsec.<\/p>\n<h3>Key Findings:<\/h3>\n<ul>\n<li>Published vulnerabilities increased by 43%<\/li>\n<li>The number of CVEs added to CISA KEV decreased by 23%<\/li>\n<li><strong>20% of new exploited vulnerabilities target VPN or network infrastructure appliances<\/strong><\/li>\n<li>387 threat actors tracked in 2024: China has the most<\/li>\n<li>The most targeted countries are the US, Germany and India<\/li>\n<li>The top targeted verticals are government, financial services and technology<\/li>\n<li>We observed 3,085 ransomware attacks, a 6% increase.\n<ul>\n<li>441 attacks per month or 15 per day<\/li>\n<li>The number of active groups grew 55%<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-89658\" src=\"\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_New-Vulnerabilities-per-Month.jpg\" alt=\"\" width=\"1400\" height=\"auto\" srcset=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_New-Vulnerabilities-per-Month.jpg 1400w, https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_New-Vulnerabilities-per-Month-300x169.jpg 300w, https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_New-Vulnerabilities-per-Month-1024x576.jpg 1024w, https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_New-Vulnerabilities-per-Month-768x432.jpg 768w\" sizes=\"(max-width: 1400px) 100vw, 1400px\" \/><\/p>\n<p><strong><em>Go deeper: 2024 has been a year for risky network assets. See all of them in our roundup \u201c<a href=\"\/blog\/what-are-the-riskiest-connected-devices-right-now\/\">Riskiest Connected Devices<\/a>\u201d. Plus, watch our <a href=\"\/webinars\/2024-riskiest-devices-ams\/\"><strong>on-demand webinar<\/strong><\/a> Daniel dos Santos, Senior Director of Research, Vedere Labs.<\/em><\/strong><\/p>\n<h2>Critical Infrastructure in the Crosshairs<\/h2>\n<h3>Lines Blur Between Hacktivists and State-Sponsored Actors<\/h3>\n<p>In 2022, we <a href=\"\/resources\/threat-report-the-increasing-threat-posed-by-hacktivist-attacks\/\" target=\"_blank\" rel=\"noopener\">reported<\/a> on a trend of hacktivists aligning with geopolitical conflicts and expanding their TTPs from defacements and DDoS to data leaks and disruption of cyber-physical systems. Nearly two years later,\u00a0 the trend has evolved to state-sponsored actors using hacktivist personae to conduct some of their attacks. This shift may be driven by several factors, such as increased visibility of campaigns and plausible deniability for the actors.<\/p>\n<p>Notable early examples include \u201c<a href=\"https:\/\/www.wired.com\/story\/predatory-sparrow-cyberattack-timeline\/\" target=\"_blank\" rel=\"noopener\">Predatory Sparrow<\/a>,\u201d which poses as a hacktivist group rebelling against the Iranian state, but is believed to be affiliated with Israel. Similarly, Iranian groups like <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/iranian-apts-dress-up-as-hacktivists-for-disruption-influence-ops\" target=\"_blank\" rel=\"noopener\">\u00a0\u201cKarma Power\u201d and \u201cThe Malek Team\u201d<\/a> have targeted Israeli critical infrastructure and are thought to be affiliated with Iran\u2019s Ministry of Intelligence or the Islamic Revolutionary Guard Corps.<\/p>\n<p>Critical infrastructure organizations continue to be disproportionally targeted by this type of threat actor. Notable examples in 2024H1 include:<\/p>\n<ul>\n<li>The <a href=\"https:\/\/therecord.media\/russia-hackers-cyberattack-tipton-indiana\" target=\"_blank\" rel=\"noopener\">Cyber Army of Russia<\/a>, believed to be linked to Sandworm, launched an attack against a wastewater treatment plant in the U.S. This attack occurred a month after the <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/white-house-and-epa-warn-of-hackers-breaching-water-systems\/\" target=\"_blank\" rel=\"noopener\">White House warned<\/a> of hackers targeting U.S. water systems.<\/li>\n<li>The <a href=\"https:\/\/www.darkreading.com\/ics-ot-security\/dangerous-new-ics-malware-targets-orgs-in-russia-and-ukraine\" target=\"_blank\" rel=\"noopener\">BlackJack<\/a> group, thought to be affiliated with Ukrainian intelligence, used the custom malware <a href=\"https:\/\/www.darkreading.com\/ics-ot-security\/dangerous-new-ics-malware-targets-orgs-in-russia-and-ukraine\" target=\"_blank\" rel=\"noopener\">Fuxnet<\/a> to disable thousands of sensors monitoring Moscow\u2019s sewage system.<\/li>\n<li>The Ikaruz Red Team, believed to be affiliated with China, deployed ransomware created using builders from several known families, such as LockBit, Cl0p and ALPHV to disrupt the government of the Philippines.<\/li>\n<\/ul>\n<p>Partly due to the increase in attacks like these, OT device manufacturer Rockwell Automation issued an alert in May, warning their users to take internet-exposed devices offline \u201cdue to heightened geopolitical tensions and adversarial cyber activity globally\u201d.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-89619\" src=\"\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_Ransomware-incidents-per-month-V2.jpg\" alt=\"\" width=\"1200\" height=\"675\" srcset=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_Ransomware-incidents-per-month-V2.jpg 1200w, https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_Ransomware-incidents-per-month-V2-300x169.jpg 300w, https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_Ransomware-incidents-per-month-V2-1024x576.jpg 1024w, https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-VL-Perils-in-the-Periphery_Ransomware-incidents-per-month-V2-768x432.jpg 768w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><\/p>\n<h3>Mitigation Guidance<\/h3>\n<p>For complete, detailed mitigation recommendations, charts on CISA KEV and Vedere Labs KEV, threat actors, and much more, read the complete research report.<\/p>\n<p>We encourage organizations to prioritize extending <a href=\"\/solutions\/asset-inventory\/\">visibility<\/a>, <a href=\"\/solutions\/risk-and-exposure-management\/\">risk assessment<\/a> and proactive controls to cover the increased attack surface of VPNs and network perimeter assets and appliances being exploited. <strong>In addition, we urge organizations to follow specific recommendations for disconnecting internet-exposed operational technology and replacing SSL VPNs.<\/strong><\/p>\n<p>After implementing proactive controls, ensure that threat detection and response systems encompass every device within the whole organization. Since threats now move from one type of device to another, it is crucial to detect them throughout the entire organization \u2013 from an entry point such as a vulnerable router, to a pivot point, like a misconfigured workstation, and finally to a target such as an insecure OT device. Ensure your threat detection solution covers all device types and ingests multiple data sources, including firewalls, intrusion detection systems, endpoint detection and response (EDR) and other security tools.<\/p>\n<div style=\"display: block; margin: 10px; border-top: 1px solid #CCCCCC; border-bottom: 1px solid #CCCCCC; padding: 10px;\">\n<h4>2024H1 Threat Review: Perils in the Periphery<\/h4>\n<p class=\"u-display-flex u-flex-wrap u-gap\"><a href=\"\/resources\/2024h1-threat-review\/\"  title=\"GET The Full Report\" class=\"c-btn c-btn--primary c-btn--outline u-flex-auto u-flex-initial@sm u-justify-center u-justify-start@sm has-icon icon-arrow-right icon-position-right has-icon-animation icon-animation-fade-in\"><span class=\"cta-button-text\">GET The Full Report<\/span><\/a>\n<\/div>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our cybersecurity research team Vedere Labs examines today\u2019s threats and targets. VPN vulnerabilities are easy prey for today\u2019s attackers. <\/p>\n","protected":false},"author":92,"featured_media":89494,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"ep_exclude_from_search":false,"footnotes":"","_links_to":"","_links_to_target":""},"categories":[562],"tags":[],"coauthors":[438,818],"class_list":["post-89465","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-views"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>VPN Vulnerabilities As a Target: Virtual Private Not At All - Forescout<\/title>\n<meta name=\"description\" content=\"Our cybersecurity research team Vedere Labs examines today\u2019s threats and targets. VPN vulnerabilities are easy prey for today\u2019s attackers.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"VPN Vulnerabilities As a Target: Virtual Private Not At All - Forescout\" \/>\n<meta property=\"og:description\" content=\"Our cybersecurity research team Vedere Labs examines today\u2019s threats and targets. VPN vulnerabilities are easy prey for today\u2019s attackers.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"Forescout\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ForescoutTechnologies\" \/>\n<meta property=\"article:published_time\" content=\"2024-08-28T15:00:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-09T22:02:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Daniel dos Santos, Don Sears\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Forescout\" \/>\n<meta name=\"twitter:site\" content=\"@Forescout\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/\"},\"author\":{\"name\":\"Daniel dos Santos\",\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/person\/be441d6b38f45c404e136f034553a1a5\"},\"headline\":\"VPN Vulnerabilities As a Target: Virtual Private Not At All\",\"datePublished\":\"2024-08-28T15:00:46+00:00\",\"dateModified\":\"2024-09-09T22:02:11+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/\"},\"wordCount\":971,\"publisher\":{\"@id\":\"https:\/\/www.forescout.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg\",\"articleSection\":[\"News &amp; Views\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/\",\"url\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/\",\"name\":\"VPN Vulnerabilities As a Target: Virtual Private Not At All - Forescout\",\"isPartOf\":{\"@id\":\"https:\/\/www.forescout.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg\",\"datePublished\":\"2024-08-28T15:00:46+00:00\",\"dateModified\":\"2024-09-09T22:02:11+00:00\",\"description\":\"Our cybersecurity research team Vedere Labs examines today\u2019s threats and targets. VPN vulnerabilities are easy prey for today\u2019s attackers.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#primaryimage\",\"url\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg\",\"contentUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg\",\"width\":1200,\"height\":628},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.forescout.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"VPN Vulnerabilities As a Target: Virtual Private Not At All\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.forescout.com\/#website\",\"url\":\"https:\/\/www.forescout.com\/\",\"name\":\"Forescout\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.forescout.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.forescout.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.forescout.com\/#organization\",\"name\":\"Forescout Technologies, Inc.\",\"url\":\"https:\/\/www.forescout.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg\",\"contentUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg\",\"width\":1,\"height\":1,\"caption\":\"Forescout Technologies, Inc.\"},\"image\":{\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/ForescoutTechnologies\",\"https:\/\/x.com\/Forescout\",\"https:\/\/www.instagram.com\/forescouttechnologies\/\",\"https:\/\/www.linkedin.com\/company\/forescout-technologies\",\"https:\/\/www.youtube.com\/user\/forescout1\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/person\/be441d6b38f45c404e136f034553a1a5\",\"name\":\"Daniel dos Santos\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/person\/image\/e47d8d4c2a21db15a6e2d4acf2b3d3a9\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e2f2689df82c380109a7898f6204c7a1c9105ed7bc076d45a45b524443683a65?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e2f2689df82c380109a7898f6204c7a1c9105ed7bc076d45a45b524443683a65?s=96&d=mm&r=g\",\"caption\":\"Daniel dos Santos\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"VPN Vulnerabilities As a Target: Virtual Private Not At All - Forescout","description":"Our cybersecurity research team Vedere Labs examines today\u2019s threats and targets. VPN vulnerabilities are easy prey for today\u2019s attackers.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/","og_locale":"en_US","og_type":"article","og_title":"VPN Vulnerabilities As a Target: Virtual Private Not At All - Forescout","og_description":"Our cybersecurity research team Vedere Labs examines today\u2019s threats and targets. VPN vulnerabilities are easy prey for today\u2019s attackers.","og_url":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/","og_site_name":"Forescout","article_publisher":"https:\/\/www.facebook.com\/ForescoutTechnologies","article_published_time":"2024-08-28T15:00:46+00:00","article_modified_time":"2024-09-09T22:02:11+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg","type":"image\/jpeg"}],"author":"Daniel dos Santos, Don Sears","twitter_card":"summary_large_image","twitter_creator":"@Forescout","twitter_site":"@Forescout","twitter_misc":{"Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#article","isPartOf":{"@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/"},"author":{"name":"Daniel dos Santos","@id":"https:\/\/www.forescout.com\/#\/schema\/person\/be441d6b38f45c404e136f034553a1a5"},"headline":"VPN Vulnerabilities As a Target: Virtual Private Not At All","datePublished":"2024-08-28T15:00:46+00:00","dateModified":"2024-09-09T22:02:11+00:00","mainEntityOfPage":{"@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/"},"wordCount":971,"publisher":{"@id":"https:\/\/www.forescout.com\/#organization"},"image":{"@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg","articleSection":["News &amp; Views"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/","url":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/","name":"VPN Vulnerabilities As a Target: Virtual Private Not At All - Forescout","isPartOf":{"@id":"https:\/\/www.forescout.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg","datePublished":"2024-08-28T15:00:46+00:00","dateModified":"2024-09-09T22:02:11+00:00","description":"Our cybersecurity research team Vedere Labs examines today\u2019s threats and targets. VPN vulnerabilities are easy prey for today\u2019s attackers.","breadcrumb":{"@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#primaryimage","url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg","contentUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg","width":1200,"height":628},{"@type":"BreadcrumbList","@id":"https:\/\/www.forescout.com\/blog\/vpn-vulnerabilities-cyber-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.forescout.com\/"},{"@type":"ListItem","position":2,"name":"VPN Vulnerabilities As a Target: Virtual Private Not At All"}]},{"@type":"WebSite","@id":"https:\/\/www.forescout.com\/#website","url":"https:\/\/www.forescout.com\/","name":"Forescout","description":"","publisher":{"@id":"https:\/\/www.forescout.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.forescout.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.forescout.com\/#organization","name":"Forescout Technologies, Inc.","url":"https:\/\/www.forescout.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg","contentUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg","width":1,"height":1,"caption":"Forescout Technologies, Inc."},"image":{"@id":"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ForescoutTechnologies","https:\/\/x.com\/Forescout","https:\/\/www.instagram.com\/forescouttechnologies\/","https:\/\/www.linkedin.com\/company\/forescout-technologies","https:\/\/www.youtube.com\/user\/forescout1"]},{"@type":"Person","@id":"https:\/\/www.forescout.com\/#\/schema\/person\/be441d6b38f45c404e136f034553a1a5","name":"Daniel dos Santos","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.forescout.com\/#\/schema\/person\/image\/e47d8d4c2a21db15a6e2d4acf2b3d3a9","url":"https:\/\/secure.gravatar.com\/avatar\/e2f2689df82c380109a7898f6204c7a1c9105ed7bc076d45a45b524443683a65?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e2f2689df82c380109a7898f6204c7a1c9105ed7bc076d45a45b524443683a65?s=96&d=mm&r=g","caption":"Daniel dos Santos"}}]}},"featured_media_url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/08\/FS-2024-VL-Perils-in-the-Periphery-Report-Social-Share-v1.jpg","is_file":false,"excerpt_manually_set":true,"_links":{"self":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/posts\/89465","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/users\/92"}],"replies":[{"embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/comments?post=89465"}],"version-history":[{"count":0,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/posts\/89465\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/media\/89494"}],"wp:attachment":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/media?parent=89465"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/categories?post=89465"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/tags?post=89465"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/coauthors?post=89465"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}