Hackers are actively exploiting a newly discovered bug in Pulse Connect Secure VPN products, as well as some older bugs that some customers have not yet addressed.
Cybersecurity firm FireEye reported it has investigated several incidents of compromise in devices that use a bug that is being tracked as CVE-2021-22893 that was discovered in April. The vulnerability is significant with a severity level of 10 out of 10. The malware deployed bypasses two-factor authentication.
The vulnerability includes an authentication bypass that “allows an unauthenticated user to execute any remote file on the Pulse Connect secure gateway”. as advised by Pulse Secure.
SEE: VPN: Choosing a Provider and Troubleshooting Tips (Free PDF) (TechRepublic)
FireEye’s Incident Response Unit, Mandiant, said it is tracking 12 families of malware linked to attacks on Pulse Secure VPN …