A hacker has published today a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers. ZDNet reports: According to a review, the list includes: IP addresses of Pulse Secure VPN servers, Pulse Secure VPN server firmware version, SSH keys for each server, a list of all local users and their password…
Tag: pulse secure
DHS CISA: Companies Are Getting Hacked Even After Patching Pulse Secure VPNs
According to the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), companies that run Pulse Secure VPN servers are still at risk of getting hacked, despite patching vulnerable systems. ZDNet reports: Pulse Secure VPN servers are enterprise-grade VPN gateways that companies use to let workers connect to internal company networks from across the internet. Last year, a major vulnerability was disclosed in…
Unpatched Citrix Vulnerability Now Exploited, Patch Weeks Away
An anonymous reader quotes a report from Ars Technica: On December 16, 2019, Citrix revealed a vulnerability in the company’s Application Delivery Controller and Gateway products — commercial virtual-private-network gateways formerly marketed as NetScaler and used by tens of thousands of companies. The flaw, discovered by Mikhail Klyuchnikov of Positive Technologies, could give an attacker direct access to the local networks…