Known for providing firewalls and other security solutions, Zyxel is falling victim to a wave of attacks. In a message sent to consumers, it warns that devices that allow remote management or have SSL VPN technology enabled are among the top targets.

According to the message released by the company, attackers are able to gain access to accounts associated with the devices when they are successful in their invasion. The company explains that USG/ZyWALL, SUG FLEX, ATP and its VPN series products running on ZLD firmware are susceptible to action, which does not affect the Nebula cloud management mode.

Research conducted by Zyxel shows that the best way to protect yourself is to adopt effective security policies for remote access. This disables HTTP/HTTPS services from WAN networks (which join multiple local networks) and set up rules that only allow remote access from specific IP addresses and locations.

On its website, the company also recommends that consumers install the latest security patches provided by it. It also warns of potential phishing scams that take advantage of the situation and promise fixes for vulnerabilities being exploited by criminals.

So far, it’s not clear whether the vulnerabilities were previously known and how many victims the attack has already caused. When targeting devices that should ensure network security, criminals often aim to gain control over them and open loopholes for the distribution of malware and other threats.