Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network VPN services, web application authentication interfaces, and SSH services, since at least March 18, 2024. "These attacks all appear to be originating from TOR exit nodes and a...

Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials

Cisco Talos would like to acknowledge Anna Bennett and Brandon White of Cisco Talos and Phillip Schafer, Mike Moran, and Becca Lynch of the Duo Security Research team for their research that led to the identification of these attacks. Cisco Talos is actively monitoring a global increase in...

Msprobe - Finding All Things On-Prem Microsoft For Password Spraying And Enumeration

Finding all things on-prem Microsoft for password spraying and enumeration. The tool will used a list of common subdomains associated with your target apex domain to attempt to discover valid instances of on-prem Microsoft solutions. Screenshots of the tool in action are below: Installing Install...

CVE-2011-1263

Cross-site scripting XSS vulnerability in the logon page in Remote Desktop Web Access RD Web Access in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web Access Vulnerability."...

CVE-2011-1263

The CVE describes a cross-site scripting (XSS) vulnerability in the logon page of Remote Desktop Web Access (RD Web Access) on Microsoft Windows Server 2008 R2 and R2 SP1. The issue arises from insufficient input sanitization in the login URI, allowing remote attackers to inject arbitrary HTML/ J...