Emergency patch: Attackers attack VPN connections from Checkpoint gateways
Checkpoint has published an emergency security update. Attackers are currently targeting network security gateways such as Quantum Maestro.
(Image: solarseven/Shutterstock.com)
Admins who use Checkpoint Network Security Gateways should update their software for security reasons. The provider of IT security solutions is currently observing attacks on VPN connections.
The danger
As can be seen from an updated warning message, the developers have now published an emergency patch. In the context of the attacks, they refer to a small group of customers who still only use passwords for authentication. Checkpoint states that it has already contacted the affected customers. Attacks on VPN connections are particularly dangerous, as they allow attackers to gain a foothold in company networks. No threat level classification has yet been assigned to the vulnerability (CVE-2024-249219).
If gateways are connected to the Internet, attackers can view unspecified information. It is not yet clear what attacks look like in detail. In any case, admins should check whether they have already been attacked. Signs of this include unknown accounts, which they should delete immediately. They should also harden authentication, for example with certificates.
Install a hotfix
To solve the security problem, admins should take a look at the recently published hotfix. It lists the affected products such as CloudGuard Network and Quantum Spark Appliances and the threatened software versions.
The article also explains how admins can download and install the hotfix to secure gateways. In addition, there are further tips on how to make logins more secure, for example.
(des)
