Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Saturday October 12 2019, @05:46PM   Printer-friendly
from the like-father-like-son dept.

Submitted via IRC for Bytram

American intelligence follows British lead in warning of serious VPN vulnerabilities

The US National Security Agency (NSA) is warning admins to patch a set of months-old security bugs that have recently come under active attack.

The NSA's bulletin, issued earlier this week, says that state-sponsored hacking groups are now actively targeting the remote takeover and connection hijacking flaws in VPNs that were first publicized in April of this year.

"These vulnerabilities allow for remote arbitrary file downloads and remote code execution on Pulse Connect Secure and Pulse Policy Secure gateways. Other vulnerabilities in the series allow for interception or hijacking of encrypted traffic sessions," the NSA warned.

"Exploit code is freely available online via the Metasploit framework, as well as GitHub. Malicious cyber actors are actively using this exploit code."


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Sunday October 13 2019, @05:35AM

    by Anonymous Coward on Sunday October 13 2019, @05:35AM (#906543)

    Why. So. SERIOUS???