Numerous VPN and SSH services, including Cisco Secure Firewall VPN, SonicWall VPN, Fortinet VPN, Check Point VPN, Miktrotik, Ubiquiti, and RD Web Services, have been subjected to a far-reaching brute-force attack campaign since March 18, reports BleepingComputer.
Intrusions part of the campaign, which were conducted through TOR, Proxy Rack, BigMama Proxy, IPIDEA Proxy, and other services, involved both valid and generic employee credentials, a report from Cisco Talos revealed.
"Depending on the target environment, successful attacks of this type may lead to unauthorized network access, account lockouts, or denial-of-service conditions. The traffic related to these attacks has increased with time and is likely to continue to rise," said researchers.
Such a development comes weeks after several remote access VPN services on Cisco Secure Firewall devices were reported by Cisco to have been targeted with password-spraying attacks associated with the Brutus malware botnet. Cisco is yet to confirm any link between both incidents.
