Jump to content

Hackers are exploiting a Pulse Secure 0-day to breach orgs around the world


Recommended Posts

securitybreach
Posted

This is very bad. 

 

Quote

Hackers backed by nation-states are exploiting critical vulnerabilities in the Pulse Secure VPN to bypass two-factor authentication protections and gain stealthy access to networks belonging to a raft of organizations in the US Defense industry and elsewhere, researchers said.

 

At least one of the security flaws is a zero-day, meaning it was unknown to Pulse Secure developers and most of the research world when hackers began actively exploiting it, security firm Mandiant said in a blog post published Tuesday. Besides CVE-2021-22893, as the zero-day is tracked, multiple hacking groups—at least one of which likely works on behalf of the Chinese government—are also exploiting several Pulse Secure vulnerabilities fixed in 2019 and 2020.


https://arstechnica.com/gadgets/2021/04/hackers-are-exploiting-a-pulse-secure-0day-to-breach-orgs-around-the-world/

  • Like 1
Posted

I don't think there's a secure anything on the internet these days.

  • Agree 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...