Homeland Security Today

Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

This Alert provides an update to Cybersecurity and Infrastructure Security Agency (CISA) Alert AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability, which advised organizations to ...

VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report

Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN ...
WRAL

Suspected Chinese hackers exploited Pulse Secure VPN to compromise 'dozens' of agencies and companies in US and Europe

In a blog post, Pulse Secure said the newly discovered flaw affects a "very limited number of customers" and that a more permanent software update to address that vulnerability will be issued in early ...
SDxCentral

China-Linked Hackers Target Pulse Secure Flaws, Infiltrate US Agencies

Suspected Chinese state-sponsored hackers used vulnerabilities in Pulse Secure VPN appliances to infiltrate dozens of U.S. government agencies, defense contractors, and private companies, according to ...
CRN

Ivanti Discloses Fifth Major VPN Vulnerability In A Month

The disclosure of the new high-severity Connect Secure bug comes as three recently discovered Ivanti VPN vulnerabilities are now under mass exploitation. Ivanti published details Thursday on a new, ...
CRN

Ivanti Reports Exploitation Of Two Zero-Day VPN Flaws

The high-severity vulnerabilities impact Ivanti’s Connect Secure VPN and do not yet have a patch available. Ivanti disclosed Wednesday that a pair of high-severity, zero-day vulnerabilities impacting ...
WRAL

Five federal agencies potentially breached in Pulse Connect Secure hack

At least five federal civilian agencies appear to have been breached in the latest hack to hit the US government, a discovery that follows emergency measures to mitigate potential damage from the ...
Dark Reading

APTs, Teleworking, and Advanced VPN Exploits: The Perfect Storm

Virtual private networks (VPNs), which have become essential for many organizations that provide remote employees with access to private networks since the pandemic's onset, are a popular target for ...
Financial Post

How Private Equity Debt Left a Leading VPN Open to Chinese Hackers

(Bloomberg) — In early 2024, the agency that oversees cybersecurity for much of the US government issued a rare emergency order — disconnect your Connect Secure virtual private network software ...
SDxCentral

Homeland Security Uncovers VPN Flaw in Cisco, F5, Palo Alto Networks, Pulse Secure

The National Cybersecurity and Communications Integration Center (NCCIC), the Department of Homeland Security’s cybersecurity division, published an alert on Friday highlighting a flaw found in a ...
Ars Technica

Code-execution bug in Pulse Secure VPN threatens patch laggards everywhere

If you haven't updated Pulse Secure VPN, now would be an excellent time to do so. Do real admins actually do this: "[click] on a malicious link embedded in an email or other type of message"? I am an ...
Dark Reading

Pulse Secure Announces Acquisition of BYOD Innovator MobileSpaces

SAN JOSE, CALIF. – Oct. 2, 2014 – Pulse Secure today announced that it has acquired MobileSpaces, a leading provider of mobile security for the app-centric enterprise. The acquisition represents Pulse ...