Pulse Secure

Alert: Attackers exploiting Pulse Connect Secure vulnerabilities (updated)

CISA warned attackers continue to exploit Pulse Connect Secure vulnerabilities. The alert was issued after CISA confirmed malicious activity on public and private entity networks. Additional detection methods were also added on April 30.

Tags: , , , , , , , ,

APT actors exploit legacy internet-facing vulnerabilities in combination with Zerologon to target organizations

Advanced persistent threat actors (APTs) are exploiting multiple legacy vulnerabilities in combination with newer “Zerologon” to target government networks, critical infrastructure, and elections organizations.

Tags: , , , , , , , , , , , , , , , , ,

Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.

Tags: , , , , , , , , , , , ,

Patch these 10 most commonly exploited vulnerabilities

U.S. government cybersecurity experts are providing guidance on the “top 10” most commonly exploited vulnerabilites. The alert helps highlight the importance of patching and prioritizing vulnerabilities with known exploits.

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , ,

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.

Tags: , , , , , , ,