More and more cybercriminals are gaining access to corporate networks via outdated VPNs that are only password protected.

Cybersecurity firm Check Point is observing a rise in the number of threat actors using remote virtual private networks (VPNs) as an entry point and attack vector into organizations. According to a Check Point investigation, outdated local VPNs allowed threat actors to access corporate networks. In addition, the cybersecurity firm has identified a vulnerability in its own network security gateways and is now urging its customers to install their security update.

Increase in VPN abuse

Check Point researchers have observed an increase in cybercriminals using VPNs to access corporate networks in recent months. For example, they identified several groups attempting to discover corporate assets and users and search for vulnerabilities to gain access to important corporate information. This is often done through outdated local VPNs protected only by a password.

Security vulnerability discovered

Check Point itself noticed a vulnerability in its own network security gateways that could potentially allow threat actors to read certain information on internet-facing gateways when VPN is enabled for remote or mobile access. The cybersecurity company is releasing a fix to address this vulnerability and recommends that all customers implement this security update.

This once again underscores the importance of organizations continuously evaluating their security strategies in the rapidly changing cyber threat landscape.