Jump to content

Hackers are exploiting a Pulse Secure 0-day to breach orgs around the world

Pickles von Brine
By Pickles von Brine
in Tech News
 Share
Posted
Quote

Hackers backed by nation-states are exploiting critical vulnerabilities in the Pulse Secure VPN to bypass two-factor authentication protections and gain stealthy access to networks belonging to a raft of organizations in the US Defense industry and elsewhere, researchers said.

At least one of the security flaws is a zero-day, meaning it was unknown to Pulse Secure developers and most of the research world when hackers began actively exploiting it, security firm Mandiant said in a blog post published Tuesday. Besides CVE-2021-22893, as the zero-day is tracked, multiple hacking groups—at least one of which likely works on behalf of the Chinese government—are also exploiting several Pulse Secure vulnerabilities fixed in 2019 and 2020...

...Used alone or in concert, the security flaws allow the hackers to bypass both single-factor and multifactor authentication protecting the VPN devices. From there, the hackers can install malware that persists across software upgrades and maintain access through webshells, which are browser-based interfaces that allow hackers to remotely control infected devices.

Source

This is pretty bad. Almost feels as bad as SolarWinds. The fact this bug allows bypassing of 2FA and be stealthy is scary stuff. So many business rely on VPNs to work. Hope a resolution is found quickly. 

Be sure to @Pickles von Brine if you want me to see your reply!

Stopping by to praise the all mighty jar Lord pickles... * drinks from a chalice of holy pickle juice and tossed dill over shoulder* ~ @WarDance
3600x | NH-D15 Chromax Black | 32GB 3200MHz | ASUS KO RTX 3070 UnderVolted and UnderClocked | Gigabyte Aorus Elite AX X570S | Seasonic X760w | Phanteks Evolv X | 500GB WD_Black SN750 x2 | Sandisk Skyhawk 3.84TB SSD 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I cringe every time I hear Pulse "secure" VPN exploits. Its particularly bad for marketing when your product name is literally "secure" yet these new 0days are found every year and most of them are critical.

mY sYsTeM iS Not pErfoRmInG aS gOOd As I sAW oN yOuTuBe. WhA t IS a GoOd FaN CuRVe??!!? wHat aRe tEh GoOd OvERclok SeTTinGS FoR My CaRd??  HoW CaN I foRcE my GpU to uSe 1o0%? BuT WiLL i HaVE Bo0tllEnEcKs? RyZEN dOeS NoT peRfORm BetTer wItH HiGhER sPEED RaM!!dId i WiN teH SiLiCON LotTerrYyOu ShoUlD dEsHrOuD uR GPUmy SYstEm iS UNDerPerforMiNg iN WarzONEcan mY Pc Run WiNdOwS 11 ?woUld BaKInG MY GRaPHics card fIX it? MultimETeR TeSTiNG!! aMd'S GpU DrIvErS aRe as goOD aS NviDia's YOU SHoUlD oVERCloCk yOUR ramS To 5000C18

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
5 minutes ago, Levent said:

I cringe every time I hear Pulse "secure" VPN exploits. Its particularly bad for marketing when your product name is literally "secure" yet these new 0days are found every year and most of them are critical.

Clearly no one at Pulse has a pulse. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I would think VPN services would be safe enough.. But sure enough.. Either its private information or exploits 🙃

Useful threads: PSU Tier List | Motherboard Tier List | Graphics Card Cooling Tier List ❤️

Baby: MPG X570 GAMING PLUS | AMD Ryzen 9 5900x /w PBO | Corsair H150i Pro RGB | ASRock RX 7900 XTX Phantom Gaming OC (3020Mhz & 2650Memory) | Corsair Vengeance RGB PRO 32GB DDR4 (4x8GB) 3600 MHz | Corsair RM1000x |  WD_BLACK SN850 | WD_BLACK SN750 | Samsung EVO 850 | Kingston A400 |  PNY CS900 | Lian Li O11 Dynamic White | Display(s): Samsung Oddesy G7, ASUS TUF GAMING VG27AQZ 27" & MSI G274F

 

I also drive a volvo as one does being norwegian haha, a volvo v70 d3 from 2016.

Reliability was a key thing and its my second car, working pretty well for its 6 years age xD

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Figured something was up when our network engineers were sending out notifications to our technology department about an emergency patch they had to do on the VPN yesterday.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

ZScaler is obviously the superior Enterprise VPN.

PLEASE QUOTE ME IF YOU ARE REPLYING TO ME

Desktop Build: Ryzen 7 2700X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 48GB Corsair DDR4 @ 3000MHz, RX5700 XT 8GB Sapphire Nitro+, Benq XL2730 1440p 144Hz FS

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor


 

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×