The U.S. National Security Agency has issued a cybersecurity alert about nation-state attackers targeting vulnerable VPN servers. The alert follows a similar one issued by Britain’s National Cyber Security Center last week. The NSA says attackers are actively exploiting flaws in three major VPN products: Pulse Secure, Palo Alto GlobalProtect and Fortinet Fortigate. It recommends organizations use mutual certificate-based authentication to help spot these attacks and harden their servers against future attacks, which can be triggered via the web.”]
Source: https://www.cuinfosecurity.com/blogs/nsa-latest-intelligence-agency-to-sound-vpn-patch-alarm-p-2800