CYBER 101

  • Alerts
  • Blog
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Domains
  • FAQ
  • Incidents
  • Tutorials

Subscribe to our newsletter

FOLLOW US

No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
  • Jobs
  • Vendors
Get Help
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
  • Jobs
  • Vendors
Get Help
CyberMaterial
Home Alerts

US HHS warns healthcare orgs of Royal Ransomware attacks

Reading Time: 2 mins read
in Alerts

 

More than 4,000 internet-accessible Pulse Connect Secure hosts are impacted by at least one known vulnerability, attack surface management firm Censys warns.

Touted as the most widely deployed SSL VPN solution, Pulse Connect Secure provides remote and mobile users with secure access to corporate resources. The VPN appliance is part of Ivanti’s portfolio, after it acquired Pulse Secure in 2020.

Pulse Secure appliances are known for being the target of choice for both cybercriminals and state-sponsored threat actors, and government agencies have issued multiple alerts to warn of continuous exploitation of unpatched vulnerabilities in these products.

Despite that, however, the number of vulnerable Pulse Connect Secure hosts remains high, Censys’ latest report shows: 4,460 out of 30,266 appliances exposed to the internet lack patches.

According to the report, roughly 3,500 of the vulnerable appliances are missing patches released in August 2021 to resolve six vulnerabilities, including a critical-severity file write bug that can be exploited to execute arbitrary code with root privileges.

Censys also discovered that over 1,800 of the vulnerable hosts have not been patched against three critical-severity issues that Pulse Secure resolved in May 2021, two weeks after warning that one of the flaws (CVE-2021-22893, CVSS score of 10) was being exploited in attacks.

The new findings illustrate the threat actor’s continued abuse of Internet Explorer flaws such as CVE-2020-1380 and CVE-2021-26411 to drop backdoors like BLUELIGHT and Dolphin, the latter of which was disclosed by Slovak cybersecurity firm ESET late last month.

Another key tool in its arsenal is RokRat, a Windows-based remote access trojan that comes with a wide range of functions that allow it to capture screenshots, log keystrokes, and even harvest Bluetooth device information.

 

READ FULL ARTICLE

Tags: AlertsAlerts 2022CensysDecember 2022Pulse Connect SecureVulnerabilities
ADVERTISEMENT

Related Posts

Over 1,800 Android phishing forms for sale on cybercrime market

Over 1,800 Android phishing forms for sale on cybercrime market

February 2, 2023
Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

February 2, 2023
North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

February 2, 2023
White House Mulls Banning Huawei’s Access to US Technology

White House Mulls Banning Huawei’s Access to US Technology

February 2, 2023

More Articles

Podcast

The Product10x Podcast: Shift-Left Security and the Future of Cyber Risk

April 1, 2022
Alerts

Kaseya VSA Supply-Chain Ransomware Attack

July 2, 2021
Alerts

Sophos security advisory (AV22-677)

December 5, 2022
Tool

Debricked

July 29, 2022
Incidents

Battle for the Galaxy: 6 Million Gamers Hit by Data Leak

June 2, 2021
Document

Scaling Static Analyses at Facebook

July 25, 2022
Incidents

LockBit Group Claims Attack on Port of Lisbon

December 30, 2022
Incidents

Data leak exposes information of 10,000 French social security beneficiaries

January 11, 2023
Load More

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
  • Report Cyber Incident
  • GET HELP

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.