{"id":20294,"date":"2024-03-04T12:08:02","date_gmt":"2024-03-04T19:08:02","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=20294"},"modified":"2024-03-05T11:03:53","modified_gmt":"2024-03-05T18:03:53","slug":"vpns-constant-target-of-nation-states-and-security-nomads","status":"publish","type":"post","link":"https:\/\/webdev.securin.xyz\/articles\/vpns-constant-target-of-nation-states-and-security-nomads\/","title":{"rendered":"VPNs Constant Target of Nation-States and Security Nomads"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"20294\" class=\"elementor elementor-20294\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-5654c18 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"5654c18\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-dacf809\" data-id=\"dacf809\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d60acaf elementor-widget elementor-widget-text-editor\" data-id=\"d60acaf\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">In the wake of the pandemic, there has been a swift integration of digital solutions by global businesses, notably Virtual Private Networks (VPNs). These VPNs enable users to establish secure, encrypted connections with the internet, facilitating remote work while maintaining a secure environment. Nevertheless, the compromise of a VPN connection opens avenues for threat actors to infiltrate secluded networks. <\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-b7abb16 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b7abb16\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-dcdf1cb\" data-id=\"dcdf1cb\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-62b509e elementor-widget elementor-widget-heading\" data-id=\"62b509e\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Contents<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ad0bb10 elementor-widget elementor-widget-text-editor\" data-id=\"ad0bb10\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"#securin-perspective\">A Securin Perspective<\/a><\/li><li><a href=\"#threats-to-VPN-and-remote-access\">Exposed: Threats to VPN &amp; Remote Access<\/a><\/li><li><a href=\"#nation-state-cyber-threats\">Stealth Intruders: Nation-State Cyber Threats<\/a><\/li><li><a href=\"#ransomware-rampage\">Ransomware Rampage<\/a><\/li><li><a href=\"#MITRE-ATT&amp;CK-analysis\">Vulnerability Spotlight: MITRE ATT&amp;CK Analysis<\/a><\/li><li><a href=\"#weaknesses-behind-RCE\/PE-exploits\">Unlocking the Code: Weaknesses Behind RCE\/PE Exploits<\/a><\/li><li><a href=\"#CISA-and-NSA-guidance\">CISA and NSA Guidance towards Selecting and Hardening Remote Access VPNs<\/a><\/li><li><a href=\"#what-do-we-recommend\">What Do We Recommend?<\/a><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-a7bfe44 elementor-widget elementor-widget-spacer\" data-id=\"a7bfe44\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-b0ffd0c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b0ffd0c\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-d6d3f7d\" data-id=\"d6d3f7d\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-170fcd1 elementor-widget elementor-widget-menu-anchor\" data-id=\"170fcd1\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"securin-perspective\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9dbc194 elementor-widget elementor-widget-heading\" data-id=\"9dbc194\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">A Securin Perspective<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3f7636c elementor-widget elementor-widget-text-editor\" data-id=\"3f7636c\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">A comprehensive analysis of vulnerabilities affecting Virtual Private Networks (VPNs), evolving from a focus on eight vendors and 147 vulnerabilities in 2020, to an expansive review of over 560 products across 78 vendors in 2024, uncovered a total of 1,796 vulnerabilities, an <strong>875% surge<\/strong>! <\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8ac5073 elementor-widget elementor-widget-image\" data-id=\"8ac5073\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"1875\" height=\"1250\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities.png\" class=\"attachment-full size-full wp-image-20311\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities.png 1875w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities-300x200.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities-1024x683.png 1024w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities-768x512.png 768w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities-1536x1024.png 1536w\" sizes=\"(max-width: 1875px) 100vw, 1875px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-fc8868f elementor-widget elementor-widget-spacer\" data-id=\"fc8868f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4903048 elementor-widget elementor-widget-menu-anchor\" data-id=\"4903048\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"threats-to-VPN-and-remote-access\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-31f477b elementor-widget elementor-widget-heading\" data-id=\"31f477b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Exposed: Threats to VPN &amp; Remote Access<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-83cc78d elementor-widget elementor-widget-text-editor\" data-id=\"83cc78d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Our research underscores a disconcerting reality: 11.3% (204) of the total vulnerabilities have already been weaponized by attackers. Furthermore, Advanced Persistent Threat (APT) groups, including notorious entities such as APT 32, APT 33, Fox Kitten, Sandworm Team have known associations to 26 of these vulnerabilities, while ransomware groups like Sodinokibi, REvil, LockBit, Maze, and Pay2Key, are capable of exploiting 16 vulnerabilities, underscoring the sophisticated and organized nature of the threat landscape, signaling an urgent call to action for cybersecurity measures.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c0f83cd elementor-widget elementor-widget-image\" data-id=\"c0f83cd\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"1875\" height=\"1250\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities_threats.png\" class=\"attachment-full size-full wp-image-20313\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities_threats.png 1875w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities_threats-300x200.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities_threats-1024x683.png 1024w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities_threats-768x512.png 768w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_vulnerabilities_threats-1536x1024.png 1536w\" sizes=\"(max-width: 1875px) 100vw, 1875px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dc231e1 elementor-widget elementor-widget-spacer\" data-id=\"dc231e1\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8074151 elementor-widget elementor-widget-menu-anchor\" data-id=\"8074151\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"nation-state-cyber-threats\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7fe93b7 elementor-widget elementor-widget-heading\" data-id=\"7fe93b7\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Stealth Intruders: Nation-State Cyber Threats<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7c2c67b elementor-widget elementor-widget-text-editor\" data-id=\"7c2c67b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">State-sponsored <\/span><span style=\"font-weight: 400;\">threat groups are known to target intellectual property and critical industry sectors. We have observed APT groups leveraging vulnerabilities in VPN and secure access devices due to the critical roles they play in being gateways to sensitive, confidential, and operationally critical information that safeguards the digital perimeters of organizations worldwide. Such high-value targets are selected <\/span><span style=\"font-weight: 400;\">with intentions varying from disinformation, propaganda, espionage, to destructive cyber attacks, in order to establish a competitive advantage over the target nation.<\/span><\/p><p><span style=\"font-weight: 400;\">Our focused research shows that VPN vulnerabilities have been leveraged by cyber actors predominantly from China (7), Iran (7), and Russia (4).\u00a0 <\/span><span style=\"font-weight: 400;\">China, Russia and Iran are <\/span><span style=\"font-weight: 400;\">linked<\/span><span style=\"font-weight: 400;\"> to the most number of threat groups, with the former two nations together accounting for almost 63% of all known groups.\u00a0 <\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9a40fd3 elementor-widget elementor-widget-image\" data-id=\"9a40fd3\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"1783\" height=\"1250\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpn_nation_state_cyber_threats.png\" class=\"attachment-full size-full wp-image-20374\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpn_nation_state_cyber_threats.png 1783w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpn_nation_state_cyber_threats-300x210.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpn_nation_state_cyber_threats-1024x718.png 1024w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpn_nation_state_cyber_threats-768x538.png 768w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpn_nation_state_cyber_threats-1536x1077.png 1536w\" sizes=\"(max-width: 1783px) 100vw, 1783px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5893990 elementor-widget elementor-widget-spacer\" data-id=\"5893990\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-50ef5c3 elementor-widget elementor-widget-menu-anchor\" data-id=\"50ef5c3\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"ransomware-rampage\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f0c2de0 elementor-widget elementor-widget-heading\" data-id=\"f0c2de0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Ransomware Rampage<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-489b872 elementor-widget elementor-widget-text-editor\" data-id=\"489b872\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Ransomware groups, like nation-state threat actors, have wreaked havoc on VPNs through 2020 to 2024, with 7.8% of the weaponized vulnerabilities. <\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-73a69f6 elementor-widget elementor-widget-image\" data-id=\"73a69f6\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"1875\" height=\"1250\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_top_ransomware_associationss.png\" class=\"attachment-full size-full wp-image-20314\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_top_ransomware_associationss.png 1875w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_top_ransomware_associationss-300x200.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_top_ransomware_associationss-1024x683.png 1024w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_top_ransomware_associationss-768x512.png 768w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_and_remote_access_top_ransomware_associationss-1536x1024.png 1536w\" sizes=\"(max-width: 1875px) 100vw, 1875px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5241e59 elementor-widget elementor-widget-text-editor\" data-id=\"5241e59\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Securin researchers also spotlighted a select set of nine vulnerabilities that have both APT and Ransomware associations.\u00a0 <\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-54c1b29 elementor-widget elementor-widget-text-editor\" data-id=\"54c1b29\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<table><tbody><tr><td colspan=\"5\"><p><b>VPN Vulnerabilities with APT and Ransomware Associations<\/b><\/p><\/td><\/tr><tr><td><p><b>CVE<\/b><\/p><\/td><td><p><b>APT Associations<\/b><\/p><\/td><td><p><b>Ransomware Associations<\/b><\/p><\/td><td><p><b>Vendor<\/b><\/p><\/td><td><p><b>Affected Products<\/b><\/p><\/td><\/tr><tr><td><p><span style=\"font-weight: 400;\">CVE-2023-3519<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">2<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">2<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">Citrix \/ NetScaler ADC<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">8<\/span><\/p><\/td><\/tr><tr><td><p><span style=\"font-weight: 400;\">CVE-2021-22986<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">1<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">1<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">BIG-IP<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">73<\/span><\/p><\/td><\/tr><tr><td><p><span style=\"font-weight: 400;\">CVE-2021-20016<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">2<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">2<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">Microsoft\u00a0<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">6<\/span><\/p><\/td><\/tr><tr><td><p><span style=\"font-weight: 400;\">CVE-2020-12812<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">1<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">2<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">Fortinet<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">3<\/span><\/p><\/td><\/tr><tr><td><p><span style=\"font-weight: 400;\">CVE-2020-5902<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">3<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">2<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">F5<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">84<\/span><\/p><\/td><\/tr><tr><td><p><span style=\"font-weight: 400;\">CVE-2019-19781<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">8<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">12<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">Citrix<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">10<\/span><\/p><\/td><\/tr><tr><td><p><span style=\"font-weight: 400;\">CVE-2019-11539<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">2<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">2<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">Pulse Secure<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">97<\/span><\/p><\/td><\/tr><tr><td><p><span style=\"font-weight: 400;\">CVE-2019-11510<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">7<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">7<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">Pulse Secure<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">37<\/span><\/p><\/td><\/tr><tr><td><p><span style=\"font-weight: 400;\">CVE-2018-13379<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">10<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">8<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">Fortinet<\/span><\/p><\/td><td><p><span style=\"font-weight: 400;\">2<\/span><\/p><\/td><\/tr><\/tbody><\/table>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a439e12 elementor-widget elementor-widget-text-editor\" data-id=\"a439e12\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">The Fox Kitten APT group has exploit methods for the last five above-mentioned vulnerabilities that exist in popular VPNs such as Pulse Secure, F5, Fortinet and Palo Alto, while the Pay2Key ransomware group is associated with four.<\/span><\/p><p><span style=\"font-weight: 400;\">A standout concern are CISA KEV vulnerabilities, CVE-2018-13379 in FortiOS, targeted by 10 APT groups and eight ransomware groups, and CVE-2019-19781, targeted by eight APT groups and 12 ransomware, emphasizing the critical need for immediate mitigation.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aaf91af elementor-widget elementor-widget-spacer\" data-id=\"aaf91af\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fa3b81b elementor-widget elementor-widget-menu-anchor\" data-id=\"fa3b81b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"MITRE-ATTCK-analysis\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5d187d0 elementor-widget elementor-widget-heading\" data-id=\"5d187d0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Vulnerability Spotlight: MITRE ATT&amp;CK Analysis<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0c989af elementor-widget elementor-widget-text-editor\" data-id=\"0c989af\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Delving into exploit kits, among the 204 weaponized vulnerabilities, 91 are automatable, 46 serve as initial access vectors, and 30 necessitate a full killchain for maximum impact. The implication is profound: automatable vulnerabilities pose a severe threat to VPN products across vendors, requiring no user interaction or privileges. With 22.5% of weaponized vulnerabilities providing initial access, those with a full killchain can disrupt organizational data, leading to economic losses and impacting public well-being, with potential downtimes of a week or more.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-96467dd elementor-widget elementor-widget-image\" data-id=\"96467dd\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"1875\" height=\"1250\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vulnerability_exploit_kits.png\" class=\"attachment-full size-full wp-image-20318\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vulnerability_exploit_kits.png 1875w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vulnerability_exploit_kits-300x200.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vulnerability_exploit_kits-1024x683.png 1024w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vulnerability_exploit_kits-768x512.png 768w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vulnerability_exploit_kits-1536x1024.png 1536w\" sizes=\"(max-width: 1875px) 100vw, 1875px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f6970af elementor-widget elementor-widget-spacer\" data-id=\"f6970af\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9c8a6dd elementor-widget elementor-widget-menu-anchor\" data-id=\"9c8a6dd\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"weaknesses-behind-RCEPE-exploits\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5c56fdb elementor-widget elementor-widget-heading\" data-id=\"5c56fdb\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Unlocking the Code: Weaknesses Behind RCE\/PE Exploits\n<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-611ec35 elementor-widget elementor-widget-text-editor\" data-id=\"611ec35\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>We observed a total of <strong>166 weaknesses<\/strong> in code, giving rise to the 1,796 vulnerabilities identified in our study, with <strong>43 weaknesses that lead to RCE\/PE exploits<\/strong>. The most prominent weaknesses affecting RCE\/PE exploits are CWE-78, CWE-264 and CWE-119. It\u2019s interesting to note that CWE-264 (Category: Permissions, Privileges and Access Controls) is now an obsolete weakness and has been turned into a category. Furthermore, being devices designed specifically for securing access, it is ironic that four of the top 10 RCE\/PE weaknesses affecting VPNs are related to permissions, privileges and access controls. <\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3012349 elementor-widget elementor-widget-image\" data-id=\"3012349\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"1875\" height=\"1250\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_remote_access_top_10_weaknesses_rce_pe_exploits.png\" class=\"attachment-full size-full wp-image-20328\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_remote_access_top_10_weaknesses_rce_pe_exploits.png 1875w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_remote_access_top_10_weaknesses_rce_pe_exploits-300x200.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_remote_access_top_10_weaknesses_rce_pe_exploits-1024x683.png 1024w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_remote_access_top_10_weaknesses_rce_pe_exploits-768x512.png 768w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/03\/vpns_remote_access_top_10_weaknesses_rce_pe_exploits-1536x1024.png 1536w\" sizes=\"(max-width: 1875px) 100vw, 1875px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a6df792 elementor-widget elementor-widget-text-editor\" data-id=\"a6df792\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Interestingly, CWE-79 (Improper Neutralization of Input During Web Page Generation (&#8216;Cross-site Scripting&#8217;)) and CWE-20 (Improper Input Validation), ranked second and sixth on the MITRE\u2019s 2023 Top 25 Software Weaknesses list, rule the roost for most common weaknesses affecting VPN products. Our findings highlight the gap in programming code that makes VPN and Remote Access products more prone to RCE\/PE exploits, something that developers ought to capitalize on to make them more secure.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c5b668d elementor-widget elementor-widget-spacer\" data-id=\"c5b668d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4b41d84 elementor-widget elementor-widget-menu-anchor\" data-id=\"4b41d84\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"CISA-and-NSA-guidance\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-627c3b3 elementor-widget elementor-widget-heading\" data-id=\"627c3b3\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">CISA and NSA Guidance Towards Selecting and Hardening Remote Access VPNs<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c565a91 elementor-widget elementor-widget-text-editor\" data-id=\"c565a91\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">The NSA and CISA put out an advisory in <\/span><a href=\"https:\/\/media.defense.gov\/2021\/Sep\/28\/2002863184\/-1\/-1\/0\/CSI_SELECTING-HARDENING-REMOTE-ACCESS-VPNS-20210928.PDF\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">2021<\/span><\/a><span style=\"font-weight: 400;\">, encouraging organizations to select standards-based VPNs from reputable vendors and harden the VPNs against compromise by reducing their attack surface through strong cryptography and authentication as well as monitoring access to and from VPNs. In 2023, CISA further enforced their stance on VPNs by issuing a binding operational <\/span><a href=\"https:\/\/www.cisa.gov\/news-events\/directives\/binding-operational-directive-23-02\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">directive<\/span><\/a><span style=\"font-weight: 400;\"> towards mitigating risks posed by internet-facing management interfaces.<\/span><\/p><p><span style=\"font-weight: 400;\">Since mid-January 2024, CISA has put out a flurry of advisories towards protecting VPNs, with the latest <\/span><a href=\"https:\/\/cyberscoop.com\/cisa-ivanti-vulnerability-emergency-directive\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">emergency directive<\/span><\/a><span style=\"font-weight: 400;\"> being released in early February, after 1700 organizations fell victim to a campaign by an unknown Chinese APT group. The directive mandated that organizations <\/span><a href=\"https:\/\/techcrunch.com\/2024\/02\/01\/cisa-federal-agencies-disconnect-ivanti-vpn\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">disconnect<\/span><\/a><span style=\"font-weight: 400;\"> old VPNs that were not upgradeable and take proactive measures towards maintaining full compliance for reduced intrusions. <\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-277f0d0 elementor-widget elementor-widget-spacer\" data-id=\"277f0d0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8424ba0 elementor-widget elementor-widget-menu-anchor\" data-id=\"8424ba0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"what-do-we-recommend\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-20c2cde elementor-widget elementor-widget-heading\" data-id=\"20c2cde\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">What Do We Recommend?<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b3840d0 elementor-widget elementor-widget-text-editor\" data-id=\"b3840d0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><span style=\"font-weight: 400;\">Adopt regular attack surface management to discover vulnerabilities exposing your network.<br \/><\/span><\/li><li><span style=\"font-weight: 400;\">Look beyond just direct VPN deployments and consider all assets for any indirect communication with exposed VPNs.<\/span><\/li><li><span style=\"font-weight: 400;\">Monitor overall organizational asset ecosystem to ensure no other attack vectors, like misconfigured assets, are allowed to link to the VPN vulnerabilities, avoiding an attack chain to compromise the entire network.<\/span><\/li><li><span style=\"font-weight: 400;\">Adhere to the recommended mitigations from your VPN vendor and remediate frequently.<br \/><\/span><\/li><li><span style=\"font-weight: 400;\">Transition towards a threat-informed patching protocol to address high-impact vulnerabilities immediately in order to avoid leaving your network vulnerable to infiltration.<\/span><\/li><li><span style=\"font-weight: 400;\">Cultivate a security-conscious workforce for an extra line of defense and to stay safe from social engineering attacks.<\/span><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5ffc172 elementor-widget elementor-widget-spacer\" data-id=\"5ffc172\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-24e3ead elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"24e3ead\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-3d3f4f8\" data-id=\"3d3f4f8\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-426e8ea elementor-widget elementor-widget-spacer\" data-id=\"426e8ea\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-84bafa4 elementor-widget elementor-widget-text-editor\" data-id=\"84bafa4\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3 dir=\"ltr\" style=\"text-align: center;\"><a href=\"https:\/\/securin.io\/contact-us\">Talk with our experts<\/a> to help fortify your defenses and strengthen your cybersecurity posture.<\/h3>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2677758 elementor-widget elementor-widget-spacer\" data-id=\"2677758\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>The integration of VPNs in global businesses during the pandemic has led to a surge in vulnerabilities, with state-sponsored threat groups and ransomware entities actively exploiting these weaknesses.<\/p>\n","protected":false},"author":1,"featured_media":20354,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[631,127],"tags":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/20294"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/comments?post=20294"}],"version-history":[{"count":45,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/20294\/revisions"}],"predecessor-version":[{"id":20379,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/20294\/revisions\/20379"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/20354"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=20294"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/categories?post=20294"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/tags?post=20294"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}