Pulse Secure says it has fixed VPN issue that saw major targets hacked

Security experts link attacks to Chinese state-sponsored threat actors

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Security firm Ivanti says it has fixed a zero-day vulnerability in itsPulse Connect Secure(PCS)VPNappliance that was being actively exploited to compromise the internal networks of defense firms and government agencies.

A recentinvestigationcarried out by the Cybersecurity and Infrastructure Security Agency (CISA) revealed that a zero-day vulnerability in PCS could have allowed cybercriminals to breach at least five US federal agencies.

According tocybersecurityfirmFireEye, the vulnerability, tracked as CVE-2021-22893, enabled threat actors to deploy malware on PCS devices in order to steal credentials and provide backdoor access to any compromised network.

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

Click here to start the survey in a new window«

FireEye has attributed the cyberattacks to hackers believed to be based in China.

Under constant threat

Under constant threat

Ivanti responded by first releasing thePulse Connect Secure Integrity Toolto enable users to check if hackers had modified any files on their Pulse Secure appliances.

They followed it up now by patching the vulnerability altogether with the help of CISA, FireEye and other cyber security experts.

“The Pulse team took swift action to provide mitigations directly to the limited number of impacted customers that remediates the risk to their system, and we are pleased to be able to deliver a security patch in such short order to address the vulnerability,” said Phil Richards, Chief Information Security Officer at Ivanti.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

In light of the attack, Richards added that the company is making “significant investments” to enhance their overall cyber security posture, including a broader implementation of secure application development standards.

ViaBleepingComputer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Should your VPN always be on?

3 reasons why PIA fell in our best VPN rankings

This new phishing strategy utilizes GitHub comments to distribute malware