#pulsesecure

Stephen Murcott Scmurcott@ioc.exchange
2024-10-30

Mycology and defending against threats and vulnerability of mycelium is similar to Cyber in many ways. The devil is in the details... #Fortinet I feel vindicated for hand crafted bare metal Linux firewalls where I was in control of patches, scheduled jobs, iptables, htb, live monitoring, software updates and version controls... Shocked at how badly some device life cycles have been managed. #PulseSecure #Cisco make so much work. We pay for this trust in vendors more interested in profit than security.

2024-03-01

We're still discovering further ramifications to #Ivanti's #PulseSecure vulnerabilities (#CVE_2023_46805 & #CVE_2024_21887). In February, we identified two new backdoors: #SparkCockpit & #SparkTar. Both backdoors employ selective interception of TLS communication, offer multiple degrees of persistence and access possibilities into the victim network (e.g., traffic tunneling through SOCKS proxy).

👀 Analysis & detection rules at blog.nviso.eu/2024/03/01/cover

The findings of our investigation have been independently corroborated by the research performed by Mandiant and have partially been observed by Fortinet.

#threatintel #forensics #reverseengineering

2024-02-09

My formerly favorite employer was swallowed up by a corporation in 2021. 💔

It was very important to the corporation that the good #openvpn absolutely had to be replaced with #ivanti, or #pulsesecure as it was still called back then. Concerns didn't matter, because it was about compliance, not security.

Even pointing to Ivanti's CVE collection didn't prompt a rethink. "Works for >100k" was a more relevant metric than various CVSS > 8.0. 🤷

Ivanti collects CVEs like others collect Pokémon.

Corporations: 😍
Security: 🙈

Lisa Lorenzin (she/her) llorenzin@infosec.exchange
2024-02-03

True facts. AFAICT, the #Ivanti mess is technical-debt chickens coming home to roost. I was at #NetScreen when we acquired #Neoteris (originators of the #SSLVPN product), and then over the next two decades #Juniper > #PulseSecure > #Ivanti have tortured that legacy codebase with everything from FrankenNAC to PE-driven developer offshoring to bolt-on cloud-service offerings. TBH the only thing that surprises me about this is that it took so long.
Pouring one out for what was truly a revolutionary #VPN solution when it debuted 20-some years ago...

heise online (inoffiziell) heiseonline@squeet.me
2021-04-20
At least two groups are attacking Pulse Secure VPN appliances via a previously unknown vulnerability. There are no patches so far.
Critical 0-day vulnerability in Pulse Secure VPN actively exploited
heise online (inoffiziell) heiseonline@squeet.me
2020-10-07
Two recent studies shed light on IT security in companies. Respondents see themselves exposed to more and more threats and are investing heavily.
Study: Security is too complex for decision-makers
2020-09-24

Feds Hit with Successful Cyberattack, Data Stolen - The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit. threatpost.com/feds-cyberattac #microsoftoffice365credentials #dataexfiltration #federalagency #inetinfo.exe #cyberattack #pulsesecure #spycampaign #government #cisaalert #espionage #malware #exploit #hacks

2020-05-15

Top 10 most exploited vulnerabilities list released by FBI, DHS CISA - The agencies say it's vital to prioritize patching. Otherwise, we're making it easy for attackers ... more: nakedsecurity.sophos.com/2020/ #objectlinkingandembedding #vulnerabilitylist #securitythreats #vulnerability #apachestruts #pulsesecure #adobeflash #sharepoint #office365 #exploits #malware #citrix #drupal #.net #cisa #ole #vpn

2020-04-17

DHS Urges Pulse Secure VPN Users To Update Passwords - The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure V... more: threatpost.com/dhs-urges-pulse #credentialpassword #vulnerabilities #pulsesecurevpn #criticalflaw #pulsesecure #password #hacks #cisa #dhs

2020-01-08

REvil ransomware exploiting VPN flaws made public last April - Researchers report flaws, vendors issue patches, organisations apply them - and everyone lives hap... more: nakedsecurity.sophos.com/2020/ #badpacketsreport #securitythreats #vulnerability #pulsesecure #ransomware #sodinokibi #malware #revil #vpn

2020-01-07

Sodinokibi Ransomware Behind Travelex Fiasco: Report - Researchers suspect the cybercriminals attacked using an unpatched critical vulnerability in the c... more: threatpost.com/sodinokibi-rans #foreigncurrencyexchange #unpatchedservers #vulnerabilities #cve-2019-11510 #cve-2019-11539 #cyberattack #pulsesecure #ransomware #sodinokibi #travelex #malware #vpn
