Hackers are targeting Remote Access Applications used by companies trying to keep working remotely during the Pandemic
During this Pandemic period, I’ve been working for a security project where we are monitoring daily all vulnerabilities released by the US government in their CyberSecurity platforms (CVE/NIST), just after a couple of days researching these new vulnerabilities related to this new normal way of life and work where almost every IT employee and others professional areas are working from home we notice an increasing amount of vulnerabilities and exploits been released on the internet related to these solutions:
-Remote Access Clients (VPN for users access their offices and work environment from home);
-SSL Application vulnerabilities (Remote Remote Access);
-Mobile Device Management;
-And Firewall and Routers;
If you never worked as a Sysadmin or Network admin you didn’t notice the relationship between those solutions, but as you could imagine all of these solutions are related to this new IT environment been deployed by thousands of IT teams around to World running to get things done to put their companies to work remotely.
Our recommendation now is more than never keep good control of which software and applications you have installed in your environment and track all of the new vulnerabilities been release by these companies to update as soon as possible your environment.
Ask your IT Team to follow some of these Cybersecurity organizations to receive daily all of the published vulnerabilities.