Several US government agencies have been injured by suspected state-sponsored Chinese hackers who exploited vulnerabilities in Pulse Secure LLC virtual private network devices.
Confirmed by the cybersecurity company FireEye Inc. and Pulse Secure self along with the US Department of Homeland Security Cybersecurity and Infrastructure AgencyThe attacks are believed to have started around June.
Three of the vulnerabilities exploited in the attacks were discovered and fixed in 2019 and 2020. The fourth vulnerability was discovered this month and affected a very limited number of customers.
The latter hasn’t been patched yet, but Ivanti Inc., the owner of Pulse Secure since December, said it was working with customers on mitigation strategies until a patch becomes available in early May.
The threat actor should use the access provided by the vulnerabilities to deploy web shells on the Pulse Connect Secure appliance for further access and …