SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    American Intelligence Follows British Lead in Warning of Serious VPN Vulnerabilities
Date    Saturday October 12 2019, @05:46PM
Author    Fnord666
Topic   
from the like-father-like-son dept.
https://soylentnews.org/article.pl?sid=19/10/12/0240255

upstart writes:

Submitted via IRC for Bytram

American intelligence follows British lead in warning of serious VPN vulnerabilities

The US National Security Agency (NSA) is warning admins to patch a set of months-old security bugs that have recently come under active attack.

The NSA's bulletin, issued earlier this week, says that state-sponsored hacking groups are now actively targeting the remote takeover and connection hijacking flaws in VPNs that were first publicized in April of this year.

"These vulnerabilities allow for remote arbitrary file downloads and remote code execution on Pulse Connect Secure and Pulse Policy Secure gateways. Other vulnerabilities in the series allow for interception or hijacking of encrypted traffic sessions," the NSA warned.

"Exploit code is freely available online via the Metasploit framework, as well as GitHub. Malicious cyber actors are actively using this exploit code."


Original Submission

Links

  1. "upstart" - https://soylentnews.org/~upstart/
  2. "American intelligence follows British lead in warning of serious VPN vulnerabilities" - https://www.theregister.co.uk/2019/10/10/nsa_ncsc_vpn_warnings/
  3. "publicized in April" - https://www.theregister.co.uk/2019/04/12/uscert_vpn_alert/
  4. "the NSA warned" - https://media.defense.gov/2019/Oct/07/2002191601/-1/-1/0/CSA-MITIGATING-RECENT-VPN-VULNERABILITIES.PDF
  5. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=36792

© Copyright 2024 - SoylentNews, All Rights Reserved

printed from SoylentNews, American Intelligence Follows British Lead in Warning of Serious VPN Vulnerabilities on 2024-03-28 21:33:26