Spy groups hack into companies using zero-day flaw in Pulse Secure VPN
Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.
Credit: Dreamstime
Over the past few months, several cyber espionage groups, including one believed to be tied to the Chinese government, have been breaking into the networks of organisations from the United States and Europe by exploiting vulnerabilities in VPN appliances from zero-trust access provider Pulse Secure.
Some of the flaws date from 2019 and 2020, but one was unknown until this month.
"Mandiant is currently tracking 12 malware families associated with the exploitation of Pulse Secure VPN devices," researchers from Mandiant, the MDR and incident response arm of security vendor FireEye, said in a newly released report.