September 28, 2021 09:25 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/mspLTEZKRck/nsa-cisa-publish-guide-for-securing-vpn-servers
NSA, CISA Publish Guide for Securing VPN Servers
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published today technical guidance on properly securing VPN servers used by organizations to allow employees remote access to internal networks. From a report: The NSA said it put together the nine-page guide [PDF] after "multiple nation-state advanced persistent threat (APT) actors" weaponized vulnerabilities in common VPN servers as a way to breach organizations. "Exploitation of these CVEs [vulnerabilities] can enable a malicious actor to steal credentials, remotely execute code, weaken encrypted traffic's cryptography, hijack encrypted traffic sessions, and read sensitive data from the device," the NSA said today in a press release announcing the guide's publication. "If successful, these effects usually lead to further malicious access and could result in a large-scale compromise to the corporate network," the agency added.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/mspLTEZKRck/nsa-cisa-publish-guide-for-securing-vpn-servers
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot