SSL VPN - Geek Feed

New password spraying attacks target Cisco, PAN VPN gateways

December 21, 2025December 21, 2025 geekfeed0Tagged cisco, GlobalProtect, Palo Alto Networks, Password Spray, SSL VPN, vpn

An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks GlobalProtect and Cisco SSL VPN. On December 11, threat monitoring platform GreyNoise observed the number of login attempts aimed at GlobalProtect portals peaked at 1.7 million during a period of 16 hours. Collected data showed that the attacks originated from […]

2 mins read

SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw

August 10, 2025August 10, 2025 geekfeed0Tagged Actively Exploited, Akira, CVE-2024-40766, ransomware, SonicWall, SSL VPN

SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw. The company says that the attackers are targeting CVE-2024-40766, an unauthorized access flaw fixed in August 2024. “We now have high confidence that the recent SSLVPN activity is not connected to […]

2 mins read

SonicWall urges admins to patch VPN flaw exploited in attacks

May 10, 2025May 10, 2025 geekfeed0Tagged 0day, 0day exploit, Actively Exploited, CVE-2025-32819, CVE-2025-32820, CVE-2025-32821, exploit, SonicWall, SSL VPN, vpn, Zero-Day

SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks. Discovered and reported by Rapid7 cybersecurity researcher Ryan Emmons, the three security flaws (CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821) can be chained by attackers to gain remote code execution as root and compromise […]

2 mins read

SonicWall warns of more VPN flaws exploited in attacks

May 3, 2025May 3, 2025 geekfeed0Tagged Actively Exploited, SonicWall, SSL VPN, vpn

Cybersecurity company SonicWall has warned customers that two older vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. On Tuesday, SonicWall updated security advisories for the CVE-2023-44221 and CVE-2024-38475 security flaws to tag the two vulnerabilities as “potentially being exploited in the wild.” CVE-2023-44221 is described as a high-severity command injection vulnerability caused […]

2 mins read

SonicWall firewall bug targeted in attacks after PoC exploit release

February 17, 2025February 17, 2025 geekfeed0Tagged Actively Exploited, Authentication Bypass, CVE-2024-53704, Firewall, SonicOS, SonicWall, SSL VPN

Attackers are now targeting an authentication bypass vulnerability affecting SonicWall firewalls shortly after the release of proof-of-concept (PoC) exploit code. This security flaw (CVE-2024-53704), tagged by CISA as critical severity and found in the SSLVPN authentication mechanism, impacts SonicOS versions 7.1.x (up to 7.1.1-7058), 7.1.2-7019, and 8.0.0-8035, used by multiple models of Gen 6 and […]

2 mins read