Hackers have injured several U.S. federal agencies, critical infrastructure companies, and private companies after exploiting Pulse Connect Secure (PCS) VPN vulnerabilities, the Cybersecurity and Infrastructure Security Agency (CISA) warned.

As of March 31, 2021, CISA has supported several companies whose vulnerable Pulse Connect Secure devices were exploited by hackers AA-21-110A disclosed.

The attackers exploited the security flaws in Pulse Connect Secure VPN to collect Active Directory passwords, install web shells and bypass multi-factor authentication.

CISA had previously issued safety advisories SA44101 and SA44601 related to other vulnerabilities in Pulse Connect Secure VPN CVE-2019-11510 and CVE-2020-8260 that the attackers exploited.

Threat actors exploited several vulnerabilities in Pulse Connect Secure VPN to increase persistence

The threat actor has exploited several VPN vulnerabilities including CVE-2019-11510, CVE-2020-8260, CVE-2020-8243, and …

Source link

Leave a Reply