Bleeping Computer

Cisco fixes VPN DoS flaw discovered in password spray attacks

Cisco fixed a denial of service flaw in its Cisco ASA and Firepower Threat Defense (FTD) software, which was discovered during large-scale brute force attacks against Cisco VPN devices in April. The ...
Dark Reading

Cisco ASA, FTD Software Under Active VPN Exploitation

Cisco has rushed a patch for a brute-force denial-of-service (DoS) vulnerability in its VPN that's being actively exploited in the wild. The medium-severity bug (CVE-2024-20481, CVSS 5.8) resides in ...

Fake enterprise VPN sites used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal VPN credentials from unsuspecting users.