Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks
Ransomware actors are actively exploiting a critical flaw in the Pulse Secure VPN service, a security researcher recently discovered. The flaw, tracked as CVE-2019-1150, enables attackers to establish unauthenticated HTTPS connections to enterprise networks using the VPN service. Pulse Secure patched the issue in April of last year, and on Monday issued an alert warning customers who haven’t installed this update yet to do so ASAP.
Security analysts believe that the recent ransomware on global currency exchange giant Travelex is likely linked to the Pulse Secure vulnerability. That attack involved the prominent REvil (Sodinokibi) ransomware.