Lucene search
K

25 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.354 views

Pulse Secure VPN Arbitrary File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN Arbitrary File Disclosure', 'Description' = %q This module exploits a pre-auth directory traversal in the Pulse Secure VPN serve...

10CVSS7.4AI score0.99999EPSS
Exploits22
The Hacker News
The Hacker News
added 2021/05/28 7:29 a.m.286 views

Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices

Cybersecurity researchers from FireEye unmasked additional tactics, techniques, and procedures TTPs adopted by Chinese threat actors who were recently found abusing Pulse Secure VPN devices to drop malicious web shells and exfiltrate sensitive information from enterprise networks. FireEye's...

10CVSS0.4AI score0.47172EPSS
Exploits9
The Hacker News
The Hacker News
added 2021/05/04 7:52 a.m.129 views

Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack

Ivanti, the company behind Pulse Secure VPN appliances, has released a security patch to remediate a critical security vulnerability that was found being actively exploited in the wild by at least two different threat actors. Tracked as CVE-2021-22893 CVSS score 10, the flaw concerns "multiple us...

10CVSS1.6AI score0.47172EPSS
Exploits9
Malwarebytes
Malwarebytes
added 2021/04/23 2:0 p.m.87 views

SUPERNOVA malware discovered on SolarWinds Orion server

The Cybersecurity and Infrastructure Security Agency CISA has reported finding the SUPERNOVA web shell collecting credentials on a SolarWinds Orion server. These observations were made during an incident response to an Advanced Persistent Threat APT actor’s year-long compromise of an enterprise...

7.5CVSS1.4AI score0.9198EPSS
Exploits3
The Hacker News
The Hacker News
added 2021/04/21 4:20 a.m.2858 views

WARNING: Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations

If Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability CVE-2021-22893 that is currently being exploited in the wild and for which there is no patch available yet. At least two threat...

10CVSS0.6AI score0.99999EPSS
Exploits35
0day.today
0day.today
added 2021/04/07 12:0 a.m.143 views

Pulse Secure VPN Arbitrary Command Execution Exploit

Pulse Secure Pulse Connect Secure versions 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure versions 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1 have an...

8CVSS0.6AI score0.98617EPSS
Exploits12
ICS
ICS
added 2020/10/24 12:0 p.m.61 views

Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK® framework. See the ATT &CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update to Cybersecurity and Infrastructure Security...

10CVSS9.7AI score0.99999EPSS
Exploits22References53
ThreatPost
ThreatPost
added 2020/10/21 8:31 p.m.825 views

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks

Chinese state-sponsored cyberattackers are actively compromising U.S. targets using a raft of known security vulnerabilities – with a Pulse VPN flaw claiming the dubious title of “most-favored bug” for these groups. That’s according to the National Security Agency NSA, which released a “top 25”...

10CVSS9.3AI score0.99999EPSS
Exploits451References21
The Hacker News
The Hacker News
added 2020/09/15 9:14 a.m.2516 views

CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies

The US Cybersecurity and Infrastructure Security Agency CISA issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities. "CISA has observed Chinese Ministry of State Security-affiliated cyber threat...

10CVSS0.7AI score0.99999EPSS
Exploits159
ThreatPost
ThreatPost
added 2020/09/14 9:20 p.m.426 views

Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs

The U.S. government is warning that Chinese threat actors have successfully compromised several government and private sector entities in recent months, by exploiting vulnerabilities in F5 BIG-IP devices, Citrix and Pulse Secure VPNs and Microsoft Exchange servers. Patches are currently available...

10CVSS0.3AI score0.99999EPSS
Exploits159References17
HackRead
HackRead
added 2020/08/05 8:18 p.m.91 views

Sensitive data of 900 Pulse Secure VPN servers leaked on hacker forum

By Sudais Asif The team behind Pulse Secure VPN had a year to fix the flaw but it did not get a fix. This is a post from HackRead.com Read the original post: Sensitive data of 900 Pulse Secure VPN servers leaked on hacker forum...

1.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/04/17 8:56 p.m.196922 views

DHS Urges Pulse Secure VPN Users To Update Passwords

The Department of Homeland Security DHS is urging companies that use Pulse Secure VPNs to change their passwords for Active Directory accounts, after several cyberattacks targeted companies who had previously patched a related flaw in the VPN. DHS warns that the Pulse Secure VPN patches may have...

7.5CVSS9.2AI score0.99999EPSS
Exploits23References14
The Hacker News
The Hacker News
added 2020/04/17 11:20 a.m.6 views

CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers

The United States Cybersecurity and Infrastructure Security Agency CISA yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution RCE vulnerability in Pulse Secure VP...

10CVSS8.2AI score0.99999EPSS
Exploits22
The Hacker News
The Hacker News
added 2020/04/17 11:20 a.m.303 views

CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers

The United States Cybersecurity and Infrastructure Security Agency CISA yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution RCE vulnerability in Pulse Secure VP...

10CVSS2AI score0.99999EPSS
Exploits22
ICS
ICS
added 2020/04/15 12:0 p.m.61 views

Continued Exploitation of Pulse Secure VPN Vulnerability

Summary Unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix an arbitrary file reading vulnerability, known as CVE-2019-11510, can become compromised in an attack. 1 Although Pulse Secur...

10CVSS9.9AI score0.99999EPSS
Exploits22References31
ThreatPost
ThreatPost
added 2020/01/07 5:4 p.m.216 views

Sodinokibi Ransomware Behind Travelex Fiasco: Report

The Sodinokibi ransomware strain is apparently behind the New Year’s Eve attack on foreign currency-exchange giant Travelex, which has left its customers and banking partners stranded without its services. The criminals behind the attack are demanding a six-figure sum in return for the decryption...

7.5CVSS0.99999EPSS
Exploits34References18
Openbugbounty
Openbugbounty
added 2019/12/03 9:27 p.m.12 views

remote.walink.org Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1030029 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2019/12/03 9:24 p.m.11 views

remotelink.nortonhealthcare.org Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1030028 Security Researcher 0xSkywalker Helped patch 3 vulnerabilities Received 0 Coordinated Disclosure badges , found a security vulnerability affecting remotelink.nortonhealthcare.org website and its users. Following coordinated and responsible vulnerability disclosure...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/11/13 12:0 a.m.174 views

Pulse Secure VPN Arbitrary Command Execution Exploit

This Metasploit module exploits a post-auth command injection in the Pulse Secure VPN server to execute commands as root. The env1 command is used to bypass application whitelisting and run arbitrary commands. Please see related module auxiliary/gather/pulsesecurefiledisclosure for a pre-auth fil...

8CVSS0.5AI score0.98617EPSS
Exploits12
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.291 views

Pulse Secure VPN Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN Arbitrary Command Execution', 'Description' = %q This module exploits a post-auth command injection in the Pulse Secure VPN serv...

6.5CVSS0.3AI score0.98617EPSS
Exploits12
Rows per page
Query Builder