securitybreach Posted April 22, 2021 Share Posted April 22, 2021 This is very bad. Quote Hackers backed by nation-states are exploiting critical vulnerabilities in the Pulse Secure VPN to bypass two-factor authentication protections and gain stealthy access to networks belonging to a raft of organizations in the US Defense industry and elsewhere, researchers said. At least one of the security flaws is a zero-day, meaning it was unknown to Pulse Secure developers and most of the research world when hackers began actively exploiting it, security firm Mandiant said in a blog post published Tuesday. Besides CVE-2021-22893, as the zero-day is tracked, multiple hacking groups—at least one of which likely works on behalf of the Chinese government—are also exploiting several Pulse Secure vulnerabilities fixed in 2019 and 2020. https://arstechnica.com/gadgets/2021/04/hackers-are-exploiting-a-pulse-secure-0day-to-breach-orgs-around-the-world/ 1 Quote Link to comment Share on other sites More sharing options...
sunrat Posted April 22, 2021 Share Posted April 22, 2021 I don't think there's a secure anything on the internet these days. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.