Threat Post

Pulse Secure VPNs Get a Fix for Critical Zero-Day Bugs

The security flaw tracked as CVE-2021-22893 is being used by at least two APTs likely linked to China, to attack U.S. defense targets among others. Pulse Secure has rushed a fix for a critical ...
Redmond Magazine

Pulse Connect Secure VPN Gateway Has New 'Critical' Vulnerability Under Exploit

Ivanti's Pulse Secure on Tuesday noted that a new security vulnerability has been found in its Pulse Connect Secure VPN appliances. The new vulnerability (CVE-2021-22893) enables "an unauthenticated ...
Bleeping Computer

Pulse Secure VPN users can't login due to expired certificate

Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired. "As of today, staff are no longer ...
Bleeping Computer

Pulse Secure VPN zero-day used to hack defense firms, govt orgs

Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited in attacks against worldwide ...
Computer Weekly

Chinese APT exploits critical CVE in Pulse Secure VPN

Users of Pulse Secure VPN are being urged to patch a newly disclosed authentication bypass zero-day that enables an unauthenticated user to perform remote arbitrary file execution on the Pulse Secure ...
Network World

Pulse Secure VPN enhanced to better support hybrid IT environments

Thanks to more than 100 enhancements and new features, Pulse Connect Secure can better support BYOD and hybrid IT environments where applications are in the data center and in the cloud. The workplace ...
ZDNet

Researchers find four new malware tools created to exploit Pulse Secure VPN appliances

Pulse Secure's virtual private network (VPN) and Secure Connect (PSC) solutions are used by corporations worldwide to provide secure access to business systems. However, on April 20, FireEye's ...