Tag: Pulse Secure VPN

Chinese threat actors hacked NYC MTA using Pulse Secure zero-day

Posted on

Chinese-backed threat actors breached New York City’s Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. Still, they failed to cause any data loss or gain access to systems controlling the transportation fleet. MTA mitigated the vulnerability Read More …

Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices

Posted on

Mandiant published detailed results of our investigations into compromised Pulse Secure devices by suspected Chinese espionage operators. This blog post is intended to provide an update on our findings, give additional recommendations to network defenders, and discuss potential implications for Read More …

Pulse Secure VPN zero-day used to hack defense firms, govt orgs

Posted on

Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited in attacks against worldwide organizations and focused on US Defense Industrial base (DIB) networks. To mitigate the Read More …

Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs

Posted on

The U.S. government is warning that Chinese threat actors have successfully compromised several government and private sector entities in recent months, by exploiting vulnerabilities in F5 BIG-IP devices, Citrix and Pulse Secure VPNs and Microsoft Exchange servers. Patches are currently Read More …

Black Kingdom ransomware hacks networks with Pulse VPN flaws

Posted on

Operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software or initial access on the network, security researchers have found. The malware got caught in a honeypot, allowing researchers to analyze and document the tactics used Read More …

DHS CISA: Companies are getting hacked even after patching Pulse Secure VPNs

Posted on

Companies that run Pulse Secure VPN servers are still at risk of getting hacked, despite patching vulnerable systems, cyber-security agencies from the US and Japan have warned this month. Pulse Secure VPN servers are enterprise-grade VPN gateways that companies use Read More …

FBI Says State Actors Hacked US Govt Network With Pulse VPN Flaw

Posted on

FBI said in a flash security alert that nation-state actors have breached the networks of a US municipal government and a US financial entity by exploiting a critical vulnerability affecting Pulse Secure VPN servers. The US Cybersecurity and Infrastructure Security Agency (CISA) previously alerted Read More …