Massive VPN account-targeted attacks have prompted Cisco to update its Adaptive Security Appliance and Firepower Threat Defense with new defenses against password spraying and brute-force intrusions, BleepingComputer reports.
Such features, which have been implemented across all versions of Cisco ASA and FTD this month, ensure protection against continuous failed remote access VPN service authentication attempts, client initiation attacks, and attempted compromise of invalid remote access VPN services, according to Cisco, which noted the need to input certain commands to activate the newly added capabilities while indicating a possible effect on device performance. "There is no expected "downside," but the potential for performance impact can exist when enabling new features based on existing device configuration and traffic load," said Cisco. Organizations using Cisco ASA and FTD appliances have been urged to immediately enable the new features to avert possible VPN account compromise, which could be leveraged for ransomware intrusions.
