CyberNews Briefs

Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks

Ransomware actors are actively exploiting a critical flaw in the Pulse Secure VPN service, a security researcher recently discovered. The flaw, tracked as CVE-2019-1150, enables attackers to establish unauthenticated HTTPS connections to enterprise networks using the VPN service. Pulse Secure patched the issue in April of last year, and on Monday issued an alert warning customers who haven’t installed this update yet to do so ASAP.

Security analysts believe that the recent ransomware on global currency exchange giant Travelex is likely linked to the Pulse Secure vulnerability. That attack involved the prominent REvil (Sodinokibi) ransomware.

Read more: Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.