The information security vendor recommended immediately strengthening its security before hackers take advantage of its weakness.
Check Point, a cybersecurity company, has called on its customers to review their VPN configurations to prevent possible attacks from attackers seeking to gain access to corporate networks.
In its May 28 notice, the company said VPNs from various security vendors are becoming an increasingly frequent target for attacks. In particular, Check Point recorded attempts to hack its customers ' VPNs.
So, on May 24, 2024, several login attempts were detected using outdated local VPN accounts with password-only authentication. These attacks did not exploit vulnerabilities in the software, but relied on weak authentication methods.
Check Point responded to the incidents by mobilizing specialized teams to investigate.
"In light of these developments, we have begun monitoring attempts to gain unauthorized access to our customers' VPNs," the company said. "Based on customer notifications and Check Point analysis, the teams identified several potential customers who were exposed to similar attempts within 24 hours."
The notification also highlights that password-only authentication is not sufficient to protect remote access to networks.
"Password — only authentication is considered an unreliable method for ensuring the highest level of security, and we recommend that you do not rely on it when logging in to the network infrastructure," the notice says.
To protect against such attacks, Check Point advises organizations to reconsider using local accounts and disable unnecessary ones. For the required accounts, we recommend strengthening security by adding another level of authentication, such as certificates that complement passwords.
To help customers, Check Point has released a solution designed to automatically prevent unauthorized access through local accounts with password-only authentication. This solution can be deployed on security gateways to enhance protection against such attacks.
"This will automatically prevent unauthorized access to your VPNs through local accounts with password-only authentication," the company explained.
Check Point, a cybersecurity company, has called on its customers to review their VPN configurations to prevent possible attacks from attackers seeking to gain access to corporate networks.
In its May 28 notice, the company said VPNs from various security vendors are becoming an increasingly frequent target for attacks. In particular, Check Point recorded attempts to hack its customers ' VPNs.
So, on May 24, 2024, several login attempts were detected using outdated local VPN accounts with password-only authentication. These attacks did not exploit vulnerabilities in the software, but relied on weak authentication methods.
Check Point responded to the incidents by mobilizing specialized teams to investigate.
"In light of these developments, we have begun monitoring attempts to gain unauthorized access to our customers' VPNs," the company said. "Based on customer notifications and Check Point analysis, the teams identified several potential customers who were exposed to similar attempts within 24 hours."
The notification also highlights that password-only authentication is not sufficient to protect remote access to networks.
"Password — only authentication is considered an unreliable method for ensuring the highest level of security, and we recommend that you do not rely on it when logging in to the network infrastructure," the notice says.
To protect against such attacks, Check Point advises organizations to reconsider using local accounts and disable unnecessary ones. For the required accounts, we recommend strengthening security by adding another level of authentication, such as certificates that complement passwords.
To help customers, Check Point has released a solution designed to automatically prevent unauthorized access through local accounts with password-only authentication. This solution can be deployed on security gateways to enhance protection against such attacks.
"This will automatically prevent unauthorized access to your VPNs through local accounts with password-only authentication," the company explained.
