I prefer the “tunnel per application” approach rather than the big fat pipe through the corporate defence wall that is a VPN. As corporate workloads migrate to cloud services, hopefully we will see corporate VPNs wither and die…:
[…] Which is the thing about VPN hacks. Since the whole point of a VPN is to create a secure connection to a network, worming into one can save hackers a lot of hassle. “Once hackers have those credentials, they don’t need to use spearphishing emails, they don’t need to bring in custom malware,” says Sarah Jones, senior principal analyst at FireEye. “It’s kind of a perfect situation.”
The campaign that FireEye uncovered is especially ambitious and potentially troubling. It’s too early for firm attribution, but the groups behind it appear to be linked to China, and their targets seem chock full of the kind of sensitive information on which espionage groups thrive. One of the malware families, called Slowpulse, could get around two-factor authentication protections, sidestepping a key safeguard against credential harvesting.