Pulse Secure fixes VPN zero-day used to hack high-value targets

Bleeping Computer

Pulse Secure has fixed a zero-day vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance that is being actively exploited to compromise the internal networks of defense firms and govt agencies.

Last week, cybersecurity firm FireEye revealed that threat actors actively exploited the zero-day vulnerability, tracked as CVE-2021-22893, to deploy malware on Pulse Secure devices to steal credentials and provide backdoor access to compromised networks.

A day later, US Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive ordering federal agencies to mitigate the vulnerability within two days by disabling the Windows File Share Browser and Pulse Secure Collaboration features.

Pulse Secure also released the Pulse Connect Secure Integrity Tool to check if hackers modified any files on their Pulse Secure appliances.

Full article