Quick Links

Security Advisory: Recent increase in firewall brute force / password spraying attempts

Blumira currently sees a large increase in brute force / password spraying attempts against externally-exposed firewalls and firewall services, such as VPNs. This increase appears to be a wide-ranging campaign with no specific targets in mind. These attack attempts could be due to the recent release of highly-rated CVEs about Remote Code Execution (RCE).

To protect yourself, we recommend that you review your firewall's exposed services and update any applicable firmware as soon as possible. We also recommend that you validate your access and authentication policies for the following:

  • logging in to firewall appliances from external sources
  • SSL VPN for users