Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Saturday October 12 2019, @05:46PM   Printer-friendly
from the like-father-like-son dept.

Submitted via IRC for Bytram

American intelligence follows British lead in warning of serious VPN vulnerabilities

The US National Security Agency (NSA) is warning admins to patch a set of months-old security bugs that have recently come under active attack.

The NSA's bulletin, issued earlier this week, says that state-sponsored hacking groups are now actively targeting the remote takeover and connection hijacking flaws in VPNs that were first publicized in April of this year.

"These vulnerabilities allow for remote arbitrary file downloads and remote code execution on Pulse Connect Secure and Pulse Policy Secure gateways. Other vulnerabilities in the series allow for interception or hijacking of encrypted traffic sessions," the NSA warned.

"Exploit code is freely available online via the Metasploit framework, as well as GitHub. Malicious cyber actors are actively using this exploit code."


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Touché) by MostCynical on Saturday October 12 2019, @08:10PM

    by MostCynical (2589) on Saturday October 12 2019, @08:10PM (#906419) Journal

    Sign says that on the door..

    --
    "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
    Starting Score:    1  point
    Moderation   +1  
       Touché=1, Total=1
    Extra 'Touché' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3